Report - citytrend.com.ng/download-tom-macdonald-renegade-album/

Report Overview

Submitted URL
citytrend.com.ng/download-tom-macdonald-renegade-album/
IP
45.131.1.208
ASN
#211376 Kaan Girgin
Submitted
2022-11-28 13:43:33
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.0 kB	176 kB	216.58.207.195
0df76f9508.04cbf4193b.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	487 B	309 B	168.119.25.22
c5400bbaf2.04cbf4193b.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	938 B	320 B	45.133.44.25
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	104.18.32.68
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
images.dmca.com	11903	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	841 B	5.3 kB	151.139.128.10
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.3 kB	192.124.249.36
cdn.ftd.agency	101581	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	2.3 kB	37.48.117.210
js.wpadmngr.com	25762	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	374 B	45.133.44.24
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.3 kB	142.250.74.3
stats.wp.com	2711	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	3.8 kB	192.0.76.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	68 kB	34.120.237.76
sandwichesinstinctive.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	467 B	192.243.59.20
www.spikereekvelocity.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.2 kB	192.243.61.225
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.41.252.32
jbm6c54upkui.com	164512	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	15 kB	173.233.137.36
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	2.2 kB	142.250.74.10
4e699dd731.b509ab5b0d.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	75 kB	45.133.44.24
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	13 kB	23.36.76.226
z.cdn.ftd.agency	109566	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	3.0 kB	37.48.117.210
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	771 B	89 kB	142.250.74.168
f2.cdn.ftd.agency	174428	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	28 kB	178.162.194.134
citytrend.com.ng	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.1 kB	1.4 MB	45.131.1.208
pixel.wp.com	2545	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	519 B	239 B	192.0.76.3
pushazam.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	3.3 kB	139.45.197.251
s.w.org	748	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	4.2 kB	192.0.77.48
gertrk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	860 B	931 B	168.119.139.96
euro-times.org	188969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.5 kB	539 kB	94.242.54.185

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	pushazam.com/ntfc.php?p=2697734	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	b509ab5b0d.com	Sinkholed
2022-11-28	medium	04cbf4193b.com	Sinkholed
2022-11-28	medium	04cbf4193b.com	Sinkholed
2022-11-28	medium	b509ab5b0d.com	Sinkholed
2022-11-28	medium	sandwichesinstinctive.com	Sinkholed
2022-11-28	medium	spikereekvelocity.com	Sinkholed
2022-11-28	medium	spikereekvelocity.com	Sinkholed
2022-11-28	medium	b509ab5b0d.com	Sinkholed

JavaScript (40)

	URL	Size	First Seen	Last Seen
	images.dmca.com/Badges/DMCABadgeHelper.min.js	465 B	2023-03-07	2024-04-18
Pretty URL images.dmca.com/Badges/DMCABadgeHelper.min.js IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-18 09:40:53 Times Seen3904 Hash bac6fb686027b93b6565e1b1e5e8e213 e585bdd95488444f0ce2888d8281dbdaf73ca2ea e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0 Loading...

	citytrend.com.ng/download-tom-macdonald-renegade-album/	200 B	2023-03-11	2023-03-11
Pretty URL citytrend.com.ng/download-tom-macdonald-renegade-album/ IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash c846645f1a98afbb4d4ec593e6b393c0 5ff91736bdf774b6b220da454ca17d9d4d73a07e 82059b8712e4557e9c81ce33a5388d929cba1b492703bc92e19c576659dff091 Loading...

	z.cdn.ftd.agency/load?z=1878579115&div=zone_1878579115&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1310&hc=16&n=1669643002188&url=citytrend.com.ng%2Fdownload-tom-macdonald-renegade-album%2F&vc=0&ti=Download%20Tom%20MacDonald%20%E2%80%94%20Renegade%20(Album)%20%C2%BB%20CitytrendTv%20v2.0&zyx=3710390753	5.3 kB	2023-03-11	2023-03-11
Pretty URL z.cdn.ftd.agency/load?z=1878579115&div=zone_1878579115&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1310&hc=16&n=1669643002188&url=citytrend.com.ng%2Fdownload-tom-macdonald-renegade-album%2F&vc=0&ti=Download%20Tom%20MacDonald%20%E2%80%94%20Renegade%20(Album)%20%C2%BB%20CitytrendTv%20v2.0&zyx=3710390753 IP 37.48.117.210 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash 0822196c22dcdbbfec68552aa6a449dd 3574576d752d2e750c5f83ce53f96ca1ad2a00f9 cc5d90c956d374fa3926e452a6cc93bbad1012c597d54958a3f9fb8801da790b Loading...

	citytrend.com.ng/download-tom-macdonald-renegade-album/	6.4 kB	2023-03-11	2023-03-11
Pretty URL citytrend.com.ng/download-tom-macdonald-renegade-album/ IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash 9bae88f6920f8bc38cdc3d5f17019ce1 d3383d537729106b39923749bade800480d361d9 e5113ec7a399b06129fb906f5b6e1e92078a1c098c9601039ad1177d491f7e1b Loading...

	citytrend.com.ng/download-tom-macdonald-renegade-album/	155 B	2023-03-11	2023-03-11
Pretty URL citytrend.com.ng/download-tom-macdonald-renegade-album/ IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash 3c1cc0af97e4481c85773b0e4a048c2b 4e1aa09102b018565a5b6b7232e0056e3aabdb29 19d34eaf890a61aa92cfd9a1f61c92af645b72fe5f22951fddeeb234211d5daf Loading...

	citytrend.com.ng/download-tom-macdonald-renegade-album/	154 B	2023-03-11	2023-03-11
Pretty URL citytrend.com.ng/download-tom-macdonald-renegade-album/ IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash 7aec6833547e41a4ea96fc2fa873e463 11ebd79f2cc72a79228b77e2365b408719ee36d7 bf35f4ac11686023ce6eb4a679a3141d333c360a64dc585eeac5b6957f91c094 Loading...

	citytrend.com.ng/wp-includes/js/comment-reply.min.js?ver=6.1.1	3.0 kB	2023-03-07	2024-04-19
Pretty URL citytrend.com.ng/wp-includes/js/comment-reply.min.js?ver=6.1.1 IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 12:57:54 Times Seen29165 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	euro-times.org/no/vg/landing.js	2.7 kB	2023-03-11	2023-03-11
Pretty URL euro-times.org/no/vg/landing.js IP 94.242.54.185 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:04:32 Last Seen2023-03-11 23:21:23 Times Seen1 Hash 6f097f34f0d7d31372d8d10efb8b5bc5 abfdda42379821c0d427f7bafa00fa10aca78130 45a2c3718857a6d88bbea4677e8b3d15a36f09c2f9cffa89b38cc8cfd76178e8 Loading...

	citytrend.com.ng/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=30.0	31 kB	2023-03-07	2024-02-06
Pretty URL citytrend.com.ng/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=30.0 IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:01 Last Seen2024-02-06 02:45:04 Times Seen168 Hash b753f485024174626568628103b9386c 9e54aad4c4242021d0153326310cc6ae96d61300 9a6d5096068784e4493f9b3a5d4226b12c966fbcc43d7ab1007d9f0dd9025f49 Loading...

	citytrend.com.ng/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664400136	11 kB	2023-03-08	2024-04-09
Pretty URL citytrend.com.ng/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664400136 IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:26:33 Last Seen2024-04-09 17:29:02 Times Seen124 Hash 670400ecee852ba2a3ff7fea4845a326 5e26b3646e270d6fdeec8261a8ead2edd0dec398 070b943db88a9b02b0f8aa48f8f650e89fad00c2747367923f939c08436c25f3 Loading...

	jbm6c54upkui.com/5f247bc4616b77a82439f0dac7d7af5d/invoke.js	25 kB	2023-03-11	2023-03-11
Pretty URL jbm6c54upkui.com/5f247bc4616b77a82439f0dac7d7af5d/invoke.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash 6474c72ca564fb8349420ff3d6e65f0c 8e1a449383f768efb6a0bdeb55e416f2ea4fc680 91658618a9d50411210212f4abac8cfcd494a792a25d18ad544cd06fcde090f0 Loading...

	euro-times.org/no/vg/?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c	326 B	2023-03-11	2023-03-11
Pretty URL euro-times.org/no/vg/?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c IP 94.242.54.185 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:49:36 Last Seen2023-03-11 23:21:23 Times Seen1 Hash ccbfefed1f94a40249bca501e52a998e 2d86364902508ba296819e55a9d19ba9edde59b6 cd45d2e907172a53912f91f4b4774c60b1137a046adea76266392f150a7cb3ee Loading...

	citytrend.com.ng/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-19
Pretty URL citytrend.com.ng/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-19 12:23:33 Times Seen31780 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	citytrend.com.ng/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-19
Pretty URL citytrend.com.ng/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 12:23:33 Times Seen37994 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	citytrend.com.ng/download-tom-macdonald-renegade-album/	523 B	2023-03-11	2023-03-11
Pretty URL citytrend.com.ng/download-tom-macdonald-renegade-album/ IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash 1c514367b2fd71ae61ad977a095c86b7 2f78eac1ad1dd38dc5716f37c4fa284ca857cb32 ac7eff07eba07ea7d312cad0c1b6d1956d3044e345a4c2c68e65e91ad763ac17 Loading...

	citytrend.com.ng/download-tom-macdonald-renegade-album/	2.2 kB	2023-03-11	2023-03-11
Pretty URL citytrend.com.ng/download-tom-macdonald-renegade-album/ IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash a8e2df37e1791f655f74715b4f2460ee 36d076064d412cf45413824f436c332301243e90 b8acebaa936fbe643c83af758c708d1a54b4478a1bbaa1d20e7f794605e7f28a Loading...

	euro-times.org/no/vg/?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c	610 B	2023-03-11	2023-03-11
Pretty URL euro-times.org/no/vg/?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c IP 94.242.54.185 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:04:32 Last Seen2023-03-11 23:21:23 Times Seen1 Hash 9765e5db8aa0c63e4236a140d0fbf0f9 5d8d5c03939455c3d271be6316cfc25b7c767620 e17c7f8a94d2fd0afe881230221884f4ac4078efe36cbb526372876df50d1e00 Loading...

	pushazam.com/ntfc.php?p=2697734	14 kB	2023-03-11	2023-03-11
Pretty URL pushazam.com/ntfc.php?p=2697734 IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:17:50 Last Seen2023-03-11 22:16:10 Times Seen1 Hash 7d06780fa64c43c01e7f1c677c79cf49 d8c70ece4c13ec3ed0e9f494b4cd118a993edbbf af8585de9e08996e7ed00ec39ba898764130b0ee7bf234e343b4151030aa643d Loading...

	jbm6c54upkui.com/watchnew?shu=6be78702462c64a583f1b92d49b12cfdc0fe5e94e53722368989410c0e5d7a9ce97da6edf2da0f404a83aadca03b4ce459736124bb4b58915162e661c9e7286dff4026b157f3a72ffaef670b3eff335fc8025feb06d587afb5ad75f9a22d4295&pst=1669643063&rmtc=t&uuid=&pii=&in=false&key=09cf4c3094c607f34f192871adcc4c44&refer=https%3A%2F%2Fcitytrend.com.ng%2F	471 B	2023-03-11	2023-03-11
Pretty URL jbm6c54upkui.com/watchnew?shu=6be78702462c64a583f1b92d49b12cfdc0fe5e94e53722368989410c0e5d7a9ce97da6edf2da0f404a83aadca03b4ce459736124bb4b58915162e661c9e7286dff4026b157f3a72ffaef670b3eff335fc8025feb06d587afb5ad75f9a22d4295&pst=1669643063&rmtc=t&uuid=&pii=&in=false&key=09cf4c3094c607f34f192871adcc4c44&refer=https%3A%2F%2Fcitytrend.com.ng%2F IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash 43297f62cd985106cc706d538faeae91 8a36bb1ac04c94e243ef9a82875b187f219a3125 288a271db7516c0ca44114aae591f0c17b3cd17e24eb9cdd3c133494b182f55e Loading...

	citytrend.com.ng/download-tom-macdonald-renegade-album/	98 kB	2023-03-11	2023-03-11
Pretty URL citytrend.com.ng/download-tom-macdonald-renegade-album/ IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:16:59 Last Seen2023-03-11 22:16:10 Times Seen1 Hash 5f80c8eb753898d27f5fb26afe52b14d eefa351bfc41556385afaaf718da738be44f7158 1457cd0f9f509a2452e9f1ab9f0f4b5fad2f27d7d91003f122367dac9b1b8fe5 Loading...

	f2.cdn.ftd.agency/libs/banner_html5.js	2.2 kB	2023-03-07	2024-01-30
Pretty URL f2.cdn.ftd.agency/libs/banner_html5.js IP 178.162.194.134 ASN #28753 Leaseweb Deutschland GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:24 Last Seen2024-01-30 10:29:33 Times Seen62 Hash cf1ee35aa99fd8387e69061198320d83 9a001872b63d69c0131d70d10c35cacd15bfce84 e5ea550aa4bcb9f327fa18006fbbb06b5df119f19af6e26de29ffae10e0af430 Loading...

	jbm6c54upkui.com/watchnew?shu=6be78702462c64a583f1b92d49b12cfdc0fe5e94e53722368989410c0e5d7a9ce97da6edf2da0f404a83aadca03b4ce459736124bb4b58915162e661c9e7286dff4026b157f3a72ffaef670b3eff335fc8025feb06d587afb5ad75f9a22d4295&pst=1669643063&rmtc=t&uuid=&pii=&in=false&key=09cf4c3094c607f34f192871adcc4c44&refer=https%3A%2F%2Fcitytrend.com.ng%2F	29 B	2023-03-08	2024-01-15
Pretty URL jbm6c54upkui.com/watchnew?shu=6be78702462c64a583f1b92d49b12cfdc0fe5e94e53722368989410c0e5d7a9ce97da6edf2da0f404a83aadca03b4ce459736124bb4b58915162e661c9e7286dff4026b157f3a72ffaef670b3eff335fc8025feb06d587afb5ad75f9a22d4295&pst=1669643063&rmtc=t&uuid=&pii=&in=false&key=09cf4c3094c607f34f192871adcc4c44&refer=https%3A%2F%2Fcitytrend.com.ng%2F IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:53 Last Seen2024-01-15 00:09:04 Times Seen889 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

	www.spikereekvelocity.com/m3vcib848?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122935	2.1 kB	2023-03-07	2023-04-05
Pretty URL www.spikereekvelocity.com/m3vcib848?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122935 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	stats.wp.com/e-202248.js	9.0 kB	2023-03-07	2024-01-05
Pretty URL stats.wp.com/e-202248.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-01-05 09:08:33 Times Seen3233 Hash 9152c169155daa333287728cb8e4ae93 1e45a9ea1464acf983f022567cb9f669f4c77f65 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 14:50:44 Times Seen36960791 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.ftd.agency/libs/e.js	2.8 kB	2023-03-07	2023-04-01
Pretty URL cdn.ftd.agency/libs/e.js IP 37.48.117.210 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:46:51 Last Seen2023-04-01 11:15:23 Times Seen19 Hash 3a4df9798a0d1b4ebde421bea1a941f8 977cfc5e4c62aea22db19ec7564212ea74dc3c96 b94cca07fdf39214a885812d5c0cf5bc370499e17f4d94ddfc4728d4dcf1ef47 Loading...

	jbm6c54upkui.com/watchnew?key=09cf4c3094c607f34f192871adcc4c44	2.1 kB	2023-03-07	2023-04-01
Pretty URL jbm6c54upkui.com/watchnew?key=09cf4c3094c607f34f192871adcc4c44 IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:32 Last Seen2023-04-01 11:21:39 Times Seen10 Hash 8f4f68536c4b3fa19936445f3617dc16 234e6edb17916a89a9391432e12d9a979c826617 85c9d848cd4a2f0b70f8129a759604ead506f3f8726d27991ebf01b33ec3288d Loading...

	euro-times.org/no/vg/?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c	667 B	2023-03-11	2023-03-11
Pretty URL euro-times.org/no/vg/?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c IP 94.242.54.185 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:49:37 Last Seen2023-03-11 23:21:23 Times Seen1 Hash 09f6267c9ab627de526ab6e22112a08e 1ca93f59ba3a313ffc3e29f96e8cd10c1154a2cf 95a37a74278aabb3a7ca289f900fbe54629b8ee617c83ec3862de49b997a5932 Loading...

	euro-times.org/no/vg/?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c	667 B	2023-03-11	2023-03-11
Pretty URL euro-times.org/no/vg/?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c IP 94.242.54.185 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:49:36 Last Seen2023-03-11 23:21:23 Times Seen1 Hash 8a82770711ed2176aaf39a3cd037409f bb707468e747112ef1f1b7d70848db227433159a 6c165798b3bd750e32c71bc811713ed84a91e35c1548ce59abaf11a66b0854c0 Loading...

	citytrend.com.ng/download-tom-macdonald-renegade-album/	341 B	2023-03-11	2023-03-11
Pretty URL citytrend.com.ng/download-tom-macdonald-renegade-album/ IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash f53df36824094fde879c78ff514989ea fbb15be719751f2b01895f3a209849347a83596d 7173edbf7d67b8d0033d8149751db020eb8ee309667822793f8681c2ba9b5fa4 Loading...

	citytrend.com.ng/download-tom-macdonald-renegade-album/	87 B	2023-03-07	2024-04-18
Pretty URL citytrend.com.ng/download-tom-macdonald-renegade-album/ IP 45.131.1.208 ASN #211376 Kaan Girgin Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:26 Last Seen2024-04-18 15:16:02 Times Seen5988 Hash bd5f648f4fa75f28b17faffe66049687 c9c2791b295684a919a2bfd7b7e2ef5aab3c178a 1a4ba4a340b3f30596d32c1b272ddcfdbf3ccb8e89c2fa917ea60469017aeee4 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-N6V6R3V	96 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-N6V6R3V IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash 59cd9f82304640485b5e60c2878cba61 10a0631ca229607e998cabb50a51674232410bc5 062be39b7e76e5ed739b3f4e1ff1d424982ede006380ad6c21a4a93baf85c0c3 Loading...

	4e699dd731.b509ab5b0d.com/d025a52ef006cf2ebb8ceb0b2aeacbc0.js	297 kB	2023-03-08	2023-03-11
Pretty URL 4e699dd731.b509ab5b0d.com/d025a52ef006cf2ebb8ceb0b2aeacbc0.js IP 45.133.44.24 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:53 Last Seen2023-03-11 23:53:15 Times Seen1 Hash 763052291fa888c7d7fc017a48a83c26 f7a44a2353fc8337d4a0f6245755b537845d1447 fedc48db43b2328c0a245cad41741b3b3796e03fb4b3bcad9f86790b18eae0c4 Loading...

	www.spikereekvelocity.com/m3vcib848?key=e83c7700ffb295fb282c692b9f778d17&psid=16358553	358 B	2023-03-08	2023-04-05
Pretty URL www.spikereekvelocity.com/m3vcib848?key=e83c7700ffb295fb282c692b9f778d17&psid=16358553 IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:17:18 Last Seen2023-04-05 02:12:07 Times Seen39 Hash 33bf62fededb234013ab70af0a15c007 2248a872b419ef08c903fb72fbe8d2e6d3e8345e 721bb88b5a3381f53717b5d6b143095960644befc0bc50a3913f2a4f1ca6bf28 Loading...

	www.googletagmanager.com/gtag/js?id=UA-57071470-2	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-57071470-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash 7e4350b670dba973782c9d5d6b3cf881 103fd6c6e1f8e86aacaad4af93e03a41e1df6393 06016df1d3cf3ad90993fff13ec29574c542867997aa5be36cda5362421c336b Loading...

	www.googletagmanager.com/gtag/js?id=UA-134682053-2	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-134682053-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:54:30 Last Seen2023-03-11 21:54:30 Times Seen1 Hash 7d27332d446bdb6b1f6740a56857bd10 7a6959e76958b3a5612c6b3e1fcdd348dac291da 33ca70a3630ecd60ea035173eb66ebad5dabceced3a11b4314287c5e8997185c Loading...

		Size	First Seen	Last Seen
	#1 Write - e3c7aa45d1844b409caa254d12eb150a	10 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 16:01:17 Last Seen2023-03-11 23:51:20 Times Seen1 Hash e3c7aa45d1844b409caa254d12eb150a caf4c5b3d5e74c3fc099ebabff6a0d5c35986d02 dc11e0f3e48c241b36f4769e0d70fbaf4200a136d10a1c112f4edf9613365e4d Loading...

	#2 Write - 9d4d118e38e0a3d9e3b1a50516cb73d7	17 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:49:37 Last Seen2023-03-11 21:55:15 Times Seen1 Hash 9d4d118e38e0a3d9e3b1a50516cb73d7 c930c0ca324753728c2393952fe447072849b471 c21157dff7402bcc8f8927f17a289f5585c69fafc4c0dd8279dfedd4e4fdc5d2 Loading...

	#3 Write - e24a86504d8bdd6f9205027eb6ea87a0	10 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 16:01:17 Last Seen2023-03-11 23:51:20 Times Seen1 Hash e24a86504d8bdd6f9205027eb6ea87a0 692ac36017882f9ff4df79cdf81d06da146e8142 2c63700810e4979b0ea4be23d3cd029a01212519136c81f8258900415ea1e92b Loading...

	#4 Write - 98612962822e2a497828aaec9acdbfed	17 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:49:37 Last Seen2023-03-11 21:55:15 Times Seen1 Hash 98612962822e2a497828aaec9acdbfed 7c0f9051921cb5a709e7f302b10f8eaf97520400 c011b88de68bbe655aa4fc8a2804d8cf6a680eadce2a4c2b3d6e74261c6c1207 Loading...

HTTP Transactions (131)

URL IP Response Size

citytrend.com.ng/download-tom-macdonald-renegade-album/

45.131.1.208

301 Moved Permanently

706 B

URL HTTP/1.1
citytrend.com.ng/download-tom-macdonald-renegade-album/
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
706 B (706 bytes)
Hash
67f3a5933c17b3ab044826d3927d0ba9
5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

HTTP Headers

GET /download-tom-macdonald-renegade-album/ HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Mon, 28 Nov 2022 13:43:21 GMT
Server: LiteSpeed
Location: https://citytrend.com.ng/download-tom-macdonald-renegade-album/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12647
Expires: Mon, 28 Nov 2022 17:14:08 GMT
Date: Mon, 28 Nov 2022 13:43:21 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6301
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 13:43:21 GMT
Last-Modified: Mon, 28 Nov 2022 11:58:21 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10617
Expires: Mon, 28 Nov 2022 16:40:18 GMT
Date: Mon, 28 Nov 2022 13:43:21 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 13:19:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1429
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 14U+moxT4/osjH6Pgcc6hsly87gCW1K12KP0kmiNu4zWAY7m2EMk3iME4aGkBh6wVNP/h084hBg=
x-amz-request-id: VJB84M95B3195EE0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 13:42:05 GMT
age: 76
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 13:08:55 GMT
cache-control: public,max-age=3600
age: 2067
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4837
Cache-Control: max-age=161050
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 13:43:22 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:27:32 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

citytrend.com.ng/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

45.131.1.208

200 OK

12 kB

URL HTTP/2
citytrend.com.ng/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
ASCII text, with very long lines (47826)
Size
12 kB (11616 bytes)
Hash
c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 21:29:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

citytrend.com.ng/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

45.131.1.208

200 OK

2.4 kB

URL HTTP/2
citytrend.com.ng/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
ASCII text, with very long lines (11256), with no line terminators
Size
2.4 kB (2394 bytes)
Hash
ce94f62588d05264ac0148712111cb11
518bcd922f54169aeb199c0ccbc5877165ac218e
84ab658a69c39f424be0b27f61d612447d01606fce33beb962cbea53627d8c81

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2394
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

citytrend.com.ng/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1

45.131.1.208

200 OK

982 B

URL HTTP/2
citytrend.com.ng/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
ASCII text, with very long lines (4186), with no line terminators
Size
982 B (982 bytes)
Hash
24f4d7f425e792ab35adaab50816e54a
9e25bf79b674ddb7ba09ad7f118c50ec473c02c8
1c78bfb4d523785a4ebd37bb1f79f214f9bdb16673f7cc50805f7f1a26ad7f83

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: text/css
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 982
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

citytrend.com.ng/wp-includes/css/classic-themes.min.css?ver=1

45.131.1.208

200 OK

144 B

URL HTTP/2
citytrend.com.ng/wp-includes/css/classic-themes.min.css?ver=1
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
ASCII text
Size
144 B (144 bytes)
Hash
fcbd239f30d9a6dd1f3637f291143d37
2871bf7d98af3f43e42f7fa32808048e7134fabf
c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 07:54:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

citytrend.com.ng/wp-content/themes/mh-magazine-lite/style.css?ver=30.0

45.131.1.208

200 OK

9.6 kB

URL HTTP/2
citytrend.com.ng/wp-content/themes/mh-magazine-lite/style.css?ver=30.0
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
ASCII text, with very long lines (586), with CRLF line terminators
Size
9.6 kB (9583 bytes)
Hash
fffb2289893c483248ee25d12f6315e1
a3ee02f5a0c9ff16025678c4520ed697ca5e99e7
31ea10e581992d152c7e3410e0a2d752a99b06f842886218380438fcd4155ba2

HTTP Headers

GET /wp-content/themes/mh-magazine-lite/style.css?ver=30.0 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: text/css
last-modified: Sun, 18 Sep 2022 12:23:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9583
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

images.dmca.com/Badges/DMCABadgeHelper.min.js

151.139.128.10

200 OK

395 B

URL HTTP/2
images.dmca.com/Badges/DMCABadgeHelper.min.js
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
395 B (395 bytes)
Hash
365ad8f83802168e7326b29df6a22f4a
a096aa3c7e46525c7b7c54cb6b7987f01559b688
dafd787e6bf2c7ed10cb6c14f36ada4e5e9b7c15ffe7393cd6000acb946ebf13

HTTP Headers

GET /Badges/DMCABadgeHelper.min.js HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 13:43:22 GMT
content-encoding: gzip
content-length: 395
content-type: application/javascript
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
accept-ranges: bytes
server: Microsoft-IIS/10.0
cache-control: public,max-age=31536000
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1669643002.cds224.sk1.hn,1669643002.cds225.sk1.c
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2

images.dmca.com/Badges/dmca-badge-w150-5x1-11.png?ID=0e3d6568-ffc1-4947-b3ef-f0b5b6b7a3f3

151.139.128.10

200 OK

4.0 kB

URL HTTP/2
images.dmca.com/Badges/dmca-badge-w150-5x1-11.png?ID=0e3d6568-ffc1-4947-b3ef-f0b5b6b7a3f3
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 150 x 30, 8-bit/color RGBA, interlaced\012- data
Size
4.0 kB (3953 bytes)
Hash
a2e492628cd8e78a24c5872f38280347
4271298cc5d1aceca7df02d42cf0112ae0e868da
b738afd4ae441186f7e5bf1a36abac671895499539dc504723d5a2f5f6a9a065

HTTP Headers

GET /Badges/dmca-badge-w150-5x1-11.png?ID=0e3d6568-ffc1-4947-b3ef-f0b5b6b7a3f3 HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 13:43:22 GMT
content-length: 3953
content-type: image/png
last-modified: Mon, 25 Jul 2016 19:39:16 GMT
accept-ranges: bytes
server: Microsoft-IIS/10.0
cache-control: public,max-age=31536000
etag: "9694b03aace6d11:0"
x-powered-by: ASP.NET
x-hw: 1669643002.cds224.sk1.hn,1669643002.cds246.sk1.c
link: <https://www.dmca.com/Badges/dmca-badge-w150-5x1-11.png>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.41.252.32

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.252.32:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: go8Uf1g3CxnFBbvx/KKnfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mJeq3Ng5SYaS4TsNeRXKp79ptok=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d86b7108fea22ec338a6861f3ac91360
d298b5e6ede8b6b67970dee1ec5a3d693e69a8d1
519a786e26b6db1b5916bbd4e340a4d8ea5561619425b1b7251305338fab2bee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519A786E26B6DB1B5916BBD4E340A4D8EA5561619425B1B7251305338FAB2BEE"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4124
Expires: Mon, 28 Nov 2022 14:52:06 GMT
Date: Mon, 28 Nov 2022 13:43:22 GMT
Connection: keep-alive

citytrend.com.ng/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css

45.131.1.208

200 OK

6.7 kB

URL HTTP/2
citytrend.com.ng/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
ASCII text, with very long lines (30837)
Size
6.7 kB (6658 bytes)
Hash
97c6ce9b4936f66aa388ad33c39aba2d
3f14a7e78fbb4935cf35c20779dc2035531849a9
1eea453c424793fc56ef14093c10b373e3ca8388a70e847394e8084048c5ce38

HTTP Headers

GET /wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 13:09:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6658
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

citytrend.com.ng/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1

45.131.1.208

200 OK

16 kB

URL HTTP/2
citytrend.com.ng/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
16 kB (15569 bytes)
Hash
689ebe98eda70de6e971dd03b18f0328
218ed8ee8e28b44f8492660c2c750f47ae0b3447
945844c773bb0f2ed5f1fb8d2f5ff8a4b9471860df265eda71fa679ff98ea80f

HTTP Headers

GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 21:29:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15569
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-134682053-2

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-134682053-2
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43679 bytes)
Hash
d8cb5c2006d1027eba73a7a961b98d8a
af795e4bbf22a8cb4b8afa567437c29f15d91489
ad4179c103158973ae7cf2584a95805ae94306231a24bd23183521dad47560e8

HTTP Headers

GET /gtag/js?id=UA-134682053-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 13:43:22 GMT
expires: Mon, 28 Nov 2022 13:43:22 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-57071470-2

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-57071470-2
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43603 bytes)
Hash
5f105a65c3dbe361c2877fe57e33713f
3a290acfab90e0dbc07a8d5dbe8916b585160a49
7d97e5638c40c424853932be149ada6250b4f20f26e45b7439cd236672f4dc93

HTTP Headers

GET /gtag/js?id=UA-57071470-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 13:43:22 GMT
expires: Mon, 28 Nov 2022 13:43:22 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.wp.com/e-202248.js

192.0.76.3

200 OK

3.5 kB

URL HTTP/2
stats.wp.com/e-202248.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (2690)
Size
3.5 kB (3459 bytes)
Hash
c449fe62a0fa87c4239fe86ffcef5620
dbd29ebd9d8c80442dc64360b65738975f745cfb
ddacd7f6a64b7118c9f1f018001969441e78b4ea9ddcfb7759bf2dcd4658bb13

HTTP Headers

GET /e-202248.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Mon, 20 Nov 2023 01:50:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

citytrend.com.ng/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

45.131.1.208

200 OK

30 kB

URL HTTP/2
citytrend.com.ng/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 07:54:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

citytrend.com.ng/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

45.131.1.208

200 OK

4.0 kB

URL HTTP/2
citytrend.com.ng/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

citytrend.com.ng/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=30.0

45.131.1.208

200 OK

9.9 kB

URL HTTP/2
citytrend.com.ng/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=30.0
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
ASCII text, with very long lines (7205)
Size
9.9 kB (9943 bytes)
Hash
48fe1f5cd6bc97d2e5bc7505a27eff78
8111fed42da087057f7c921456a77dcc6d03400c
7e273f68c3d9e1523bf647503371259b1b68aa903bac05730e5e851c5ec3ef86

HTTP Headers

GET /wp-content/themes/mh-magazine-lite/js/scripts.js?ver=30.0 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 13:09:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9943
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

citytrend.com.ng/wp-includes/js/comment-reply.min.js?ver=6.1.1

45.131.1.208

200 OK

1.2 kB

URL HTTP/2
citytrend.com.ng/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
ASCII text, with very long lines (2946)
Size
1.2 kB (1228 bytes)
Hash
7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 21:13:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1228
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

citytrend.com.ng/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664400136

45.131.1.208

200 OK

2.8 kB

URL HTTP/2
citytrend.com.ng/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664400136
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
ASCII text
Size
2.8 kB (2820 bytes)
Hash
14bb19f1cdc7df7b838cd16600cbacb7
8b61b1183f890f4888bea2e00c11536827fd8f48
d831665de6965cd37fedc73a215332c90cbbe36d96f986fbc9fe6bb0553b26ca

HTTP Headers

GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664400136 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 21:22:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2820
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

citytrend.com.ng/wp-content/uploads/2022/03/Tom-MacDonald-%E2%80%94-In-God-We-Trust-ft.-Adam-Calhoun-Struggle-Jennings-Nova-Rockafeller.jpeg?v=1646740311

45.131.1.208

200 OK

44 kB

URL HTTP/2
citytrend.com.ng/wp-content/uploads/2022/03/Tom-MacDonald-%E2%80%94-In-God-We-Trust-ft.-Adam-Calhoun-Struggle-Jennings-Nova-Rockafeller.jpeg?v=1646740311
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 554x554, components 3\012- data
Size
44 kB (43817 bytes)
Hash
cd0b16c7798a102c76dc60fec7102fe7
5f5c0bf5aa2461e4aeaf0fda074c157d8ce7a2e0
5e29f4d36dcdad700ad8d5fd1a0b34f87cdbe8b665f2f07e4e21512fb95815a2

HTTP Headers

GET /wp-content/uploads/2022/03/Tom-MacDonald-%E2%80%94-In-God-We-Trust-ft.-Adam-Calhoun-Struggle-Jennings-Nova-Rockafeller.jpeg?v=1646740311 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: image/jpeg
last-modified: Tue, 08 Mar 2022 11:51:51 GMT
accept-ranges: bytes
content-length: 43817
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pixel.wp.com/g.gif?v=ext&blog=150468578&post=216206&tz=1&srv=citytrend.com.ng&j=1%3A11.5.1&host=citytrend.com.ng&ref=&fcp=0&rand=0.38915136619856916

192.0.76.3

200 OK

50 B

URL HTTP/2
pixel.wp.com/g.gif?v=ext&blog=150468578&post=216206&tz=1&srv=citytrend.com.ng&j=1%3A11.5.1&host=citytrend.com.ng&ref=&fcp=0&rand=0.38915136619856916
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?v=ext&blog=150468578&post=216206&tz=1&srv=citytrend.com.ng&j=1%3A11.5.1&host=citytrend.com.ng&ref=&fcp=0&rand=0.38915136619856916 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
71b2b48ac390c194c6694c8160166647
36d784bd0d30a270719e1d0f48a9ca217efe2dee
78d761a62f43139d8fd40d48b011d80aa1339a86cf17a6bfaa2726d5030dbd8f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 28 Nov 2022 13:43:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 27 Nov 2022 21:00:08 GMT
Expires: Mon, 28 Nov 2022 21:00:08 GMT
ETag: "36d784bd0d30a270719e1d0f48a9ca217efe2dee"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

fonts.gstatic.com/s/didactgothic/v19/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/didactgothic/v19/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16780, version 1.0\012- data
Size
17 kB (16780 bytes)
Hash
442e4ee909315121ec3abc8db2f5c2e5
c8ad6315296b32c25350e9c7c724d10a2a745cb6
9143c69a1b271019aa0c602b4addb1c0256e503785c1ddd6163c2cb176c50768

HTTP Headers

GET /s/didactgothic/v19/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 00:21:41 GMT
expires: Sat, 25 Nov 2023 00:21:41 GMT
cache-control: public, max-age=31536000
age: 307301
last-modified: Thu, 21 Apr 2022 16:53:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/aladin/v18/ZgNSjPJFPrvJV5fF7i35.woff2

216.58.207.195

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/aladin/v18/ZgNSjPJFPrvJV5fF7i35.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 14584, version 1.0\012- data
Size
15 kB (14584 bytes)
Hash
96a894e6f290362cc8891c884896a688
b5e4d8e7c2733df559af646ac7f2b22f3e045d1e
a4481662c28a73d75fadc803f856c57b84b5f5d7c9e6e69d78e0298089230682

HTTP Headers

GET /s/aladin/v18/ZgNSjPJFPrvJV5fF7i35.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 20:15:04 GMT
expires: Thu, 23 Nov 2023 20:15:04 GMT
cache-control: public, max-age=31536000
age: 408498
last-modified: Tue, 19 Apr 2022 18:31:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

citytrend.com.ng/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

45.131.1.208

200 OK

4.6 kB

URL HTTP/2
citytrend.com.ng/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 21:13:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

citytrend.com.ng/wp-content/uploads/2022/11/Mohbad-%E2%80%94-Weekend.jpeg

45.131.1.208

200 OK

101 kB

URL HTTP/2
citytrend.com.ng/wp-content/uploads/2022/11/Mohbad-%E2%80%94-Weekend.jpeg
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1024x1024, components 3\012- data
Size
101 kB (101096 bytes)
Hash
b29ccef9a3a31fb3914b65a2d914533a
0f1b52d0f54df2ba57cea221b7a7b13815022c3e
8ce409b8e146c147b35b5555e5513731a0b26c8d085a06c19c2d502d21b6eabc

HTTP Headers

GET /wp-content/uploads/2022/11/Mohbad-%E2%80%94-Weekend.jpeg HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: image/jpeg
last-modified: Wed, 23 Nov 2022 19:41:50 GMT
accept-ranges: bytes
content-length: 101096
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

fonts.gstatic.com/s/andika/v22/mem8Ya6iyW-Lwqg40ZMFVZ0b.woff2

216.58.207.195

200 OK

19 kB

URL HTTP/2
fonts.gstatic.com/s/andika/v22/mem8Ya6iyW-Lwqg40ZMFVZ0b.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 18784, version 1.0\012- data
Size
19 kB (18784 bytes)
Hash
5e643ce9feb3c7e6abe45c1e2cfe0346
1b71d8514200b3dfba4745d6d2717b108d3f67fa
9de3a56b75219c695ddf4d3b85ac20edc42db06e5fc52048dea09c43aa5898e1

HTTP Headers

GET /s/andika/v22/mem8Ya6iyW-Lwqg40ZMFVZ0b.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 21:49:49 GMT
expires: Wed, 22 Nov 2023 21:49:49 GMT
cache-control: public, max-age=31536000
age: 489213
last-modified: Tue, 24 May 2022 18:20:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/federo/v19/iJWFBX-cbD_ETsbWilmf.woff2

216.58.207.195

200 OK

27 kB

URL HTTP/2
fonts.gstatic.com/s/federo/v19/iJWFBX-cbD_ETsbWilmf.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 26604, version 1.0\012- data
Size
27 kB (26604 bytes)
Hash
ae16f7900227bfd140a2814679773e4d
799cdf1c4e05d88448dbb5d54f241fb646809d98
3b011df17e8d9676cbaae47f785b9060a97feb144818eb5770e1d8ae7455dafd

HTTP Headers

GET /s/federo/v19/iJWFBX-cbD_ETsbWilmf.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:51:26 GMT
expires: Tue, 21 Nov 2023 21:51:26 GMT
cache-control: public, max-age=31536000
age: 575516
last-modified: Thu, 21 Apr 2022 16:57:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.ftd.agency/libs/e.js

37.48.117.210

200 OK

1.7 kB

URL HTTP/1.1
cdn.ftd.agency/libs/e.js
IP
37.48.117.210:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text
Size
1.7 kB (1651 bytes)
Hash
02f679c9e331e69ac43f87af96915b9d
e589290852a088c34cbf7bb3104faa833244e1d4
7ea9bdfdd368aa5835ba2930414dc029b4d2ffbd46c362e33d2efaffbb8fad32

HTTP Headers

GET /libs/e.js HTTP/1.1
Host: cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 13:43:22 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 13 Sep 2022 09:47:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632051a8-aec"
Expires: Tue, 29 Nov 2022 13:43:22 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Content-Encoding: gzip

fonts.gstatic.com/s/charissil/v1/oPWJ_kV3l-s-Q8govXvKlEbJdjlXQw.woff2

216.58.207.195

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/charissil/v1/oPWJ_kV3l-s-Q8govXvKlEbJdjlXQw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21080, version 1.0\012- data
Size
21 kB (21080 bytes)
Hash
48342db9db569c134ad9833fdcd725ba
efccb4eb38df64794827e883061ae9065f1d55de
66f424798512ee4c642ebb6b85eb50777cf12523ebf9e596918b45803ca2facd

HTTP Headers

GET /s/charissil/v1/oPWJ_kV3l-s-Q8govXvKlEbJdjlXQw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 11:08:49 GMT
expires: Thu, 23 Nov 2023 11:08:49 GMT
cache-control: public, max-age=31536000
age: 441273
last-modified: Thu, 26 May 2022 21:09:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/atkinsonhyperlegible/v10/9Bt73C1KxNDXMspQ1lPyU89-1h6ONRlW45G8Wbc9dCWP.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/atkinsonhyperlegible/v10/9Bt73C1KxNDXMspQ1lPyU89-1h6ONRlW45G8Wbc9dCWP.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16872, version 1.0\012- data
Size
17 kB (16872 bytes)
Hash
c32b0a3027e412b3c3fc50cef29d655f
ff704b6084924ec2e1ac9e5b151c42aae59a6f6f
32e7aec16901a1f1a5ad7bd17c599fe62ede04f4059358d9134f89522fbc0162

HTTP Headers

GET /s/atkinsonhyperlegible/v10/9Bt73C1KxNDXMspQ1lPyU89-1h6ONRlW45G8Wbc9dCWP.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 12:42:58 GMT
expires: Thu, 23 Nov 2023 12:42:58 GMT
cache-control: public, max-age=31536000
age: 435624
last-modified: Tue, 30 Aug 2022 17:13:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/atkinsonhyperlegible/v10/9Bt23C1KxNDXMspQ1lPyU89-1h6ONRlW45G04pIo.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/atkinsonhyperlegible/v10/9Bt23C1KxNDXMspQ1lPyU89-1h6ONRlW45G04pIo.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16496, version 1.0\012- data
Size
16 kB (16496 bytes)
Hash
d329c75ac853b7f32cafc5bca78e9d9e
d2a88418c5b207b5f0a5c3522c8cb7cf97bb9634
d3351d61cc20cda98f78d87b7809925a951f4eabdfb13ef5ad8699a633114096

HTTP Headers

GET /s/atkinsonhyperlegible/v10/9Bt23C1KxNDXMspQ1lPyU89-1h6ONRlW45G04pIo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16496
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 12:39:33 GMT
expires: Thu, 23 Nov 2023 12:39:33 GMT
cache-control: public, max-age=31536000
age: 435829
last-modified: Tue, 30 Aug 2022 17:13:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pushazam.com/zone?pub=0&zone_id=2697734&is_mobile=false&domain=citytrend.com.ng&var=&ymid=&var_3=

139.45.197.251

200 OK

180 B

URL HTTP/2
pushazam.com/zone?pub=0&zone_id=2697734&is_mobile=false&domain=citytrend.com.ng&var=&ymid=&var_3=
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
180 B (180 bytes)
Hash
a05e130e2ed5a977231be4ec211bf860
e14ab29820075937870bbe4ff321cd6b836e8550
5b44a3a80a8754c7c8eb45d4b3a6d99d9b3e029c0804c68d900cf5ac44c7b7c0

HTTP Headers

GET /zone?pub=0&zone_id=2697734&is_mobile=false&domain=citytrend.com.ng&var=&ymid=&var_3= HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citytrend.com.ng/
Origin: https://citytrend.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
content-type: application/json; charset=utf-8
content-length: 180
x-trace-id: 503accaf550d8b2742ae923b0429b2bb
access-control-allow-origin: https://citytrend.com.ng
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

citytrend.com.ng/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0

45.131.1.208

200 OK

77 kB

URL HTTP/2
citytrend.com.ng/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://citytrend.com.ng/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
content-type: font/woff2
last-modified: Wed, 16 Feb 2022 13:09:19 GMT
accept-ranges: bytes
content-length: 77160
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

citytrend.com.ng/wp-content/uploads/2022/10/Tom-MacDonald-%E2%80%94-Sheeple.jpg?v=1665761941

45.131.1.208

200 OK

1.0 MB

URL HTTP/2
citytrend.com.ng/wp-content/uploads/2022/10/Tom-MacDonald-%E2%80%94-Sheeple.jpg?v=1665761941
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1793x1793, components 3\012- data
Size
1.0 MB (1014982 bytes)
Hash
212de50af9438f7eeb54dd51613d53a4
eb96093881674df8c68c4b59dd544a6079cbbbcf
9b29e4f20c72cddb351664a60e8c5a5a954aa7001021fb06f09c7d9e779e6dc3

HTTP Headers

GET /wp-content/uploads/2022/10/Tom-MacDonald-%E2%80%94-Sheeple.jpg?v=1665761941 HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Fri, 14 Oct 2022 15:39:01 GMT
accept-ranges: bytes
content-length: 1014982
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
content-disposition: attachment
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d603d02260a5ad2d13db21d55c354540
334cc03036b9940c4693bcb80036dccea8b27d57
f328a1e23b71d7e0c30dae3796d8025d0a266265db28f2558c1ceb507549c75d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F328A1E23B71D7E0C30DAE3796D8025D0A266265DB28F2558C1CEB507549C75D"
Last-Modified: Sun, 27 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20043
Expires: Mon, 28 Nov 2022 19:17:25 GMT
Date: Mon, 28 Nov 2022 13:43:22 GMT
Connection: keep-alive

s.w.org/images/core/emoji/14.0.0/svg/1f4af.svg

192.0.77.48

200 OK

1.8 kB

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f4af.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1808), with no line terminators
Size
1.8 kB (1808 bytes)
Hash
db009c8fa13d0f303df266e9d42c8e30
6d75617ac8ca67664480dc75d79cc0e20e37aca9
a54c7a6df9d88bbd31edebbd5281e7152c6374fdabbf3f67185210cb3dd7eada

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f4af.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
content-type: image/svg+xml
content-length: 1808
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

citytrend.com.ng/download-tom-macdonald-renegade-album/

45.131.1.208

200 OK

18 kB

URL HTTP/2
citytrend.com.ng/download-tom-macdonald-renegade-album/
IP
45.131.1.208:0
ASN
#211376 Kaan Girgin

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
18 kB (17629 bytes)
Hash
e20502b10afbf11417516d4d4d08c5c8
7ae3aa23fb4c5a4f1c5e129af0d11dd37326f518
42a56c48b4a89bb825c6fd46a1c484e76ac50af793a75043c3ee2329e7189bea

HTTP Headers

GET /download-tom-macdonald-renegade-album/ HTTP/1.1
Host: citytrend.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.4.29
content-type: text/html; charset=UTF-8
x-pingback: https://citytrend.com.ng/xmlrpc.php
link: <https://citytrend.com.ng/wp-json/>; rel="https://api.w.org/", <https://citytrend.com.ng/wp-json/wp/v2/posts/216206>; rel="alternate"; type="application/json", <https://citytrend.com.ng/?p=216206>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f6a9.svg

192.0.77.48

200 OK

278 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f6a9.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
278 B (278 bytes)
Hash
f5f43be48e7804a8265947d8dd64e430
16f482eb2be5319e5c9d126b33984c44f15d08ed
567538da8bf3dc5808b82098de8c325527074b36a579ba03549537fd627f3d65

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f6a9.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
content-type: image/svg+xml
content-length: 278
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

z.cdn.ftd.agency/load?z=1878579115&div=zone_1878579115&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1310&hc=16&n=1669643002188&url=citytrend.com.ng%2Fdownload-tom-macdonald-renegade-album%2F&vc=0&ti=Download%20Tom%20MacDonald%20%E2%80%94%20Renegade%20(Album)%20%C2%BB%20CitytrendTv%20v2.0&zyx=3710390753

37.48.117.210

200 OK

2.3 kB

URL HTTP/1.1
z.cdn.ftd.agency/load?z=1878579115&div=zone_1878579115&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1310&hc=16&n=1669643002188&url=citytrend.com.ng%2Fdownload-tom-macdonald-renegade-album%2F&vc=0&ti=Download%20Tom%20MacDonald%20%E2%80%94%20Renegade%20(Album)%20%C2%BB%20CitytrendTv%20v2.0&zyx=3710390753
IP
37.48.117.210:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with very long lines (524)
Size
2.3 kB (2266 bytes)
Hash
07f82fa9b4dedd92cc13e92810cca010
94f448087d0940138d0d5aa91d1abff651f4eb4a
de100f3db1b89fae6113ce05eed2eee35d7eace5c6ddd50e069a5a3117a40070

HTTP Headers

GET /load?z=1878579115&div=zone_1878579115&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1310&hc=16&n=1669643002188&url=citytrend.com.ng%2Fdownload-tom-macdonald-renegade-album%2F&vc=0&ti=Download%20Tom%20MacDonald%20%E2%80%94%20Renegade%20(Album)%20%C2%BB%20CitytrendTv%20v2.0&zyx=3710390753 HTTP/1.1
Host: z.cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 13:43:22 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2266
Connection: keep-alive
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: -1
P3P: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: AU=66910b6b581db97b; Expires=Mon, 27 Nov 2034 22:00:35 GMT; Path=/; HttpOnly; Domain=.cdn.ftd.agency; SameSite=None; Secure

z.cdn.ftd.agency/event?z=1878579115&m=1395836530&n=4489030757228885600&t=&u=66910b6b581db97b

37.48.117.210

400 Bad Request

35 B

URL HTTP/1.1
z.cdn.ftd.agency/event?z=1878579115&m=1395836530&n=4489030757228885600&t=&u=66910b6b581db97b
IP
37.48.117.210:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /event?z=1878579115&m=1395836530&n=4489030757228885600&t=&u=66910b6b581db97b HTTP/1.1
Host: z.cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 400 Bad Request
Server: nginx
Date: Mon, 28 Nov 2022 13:43:22 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a51f50ee2f6bb94087773e18557b56e7
267328a6da74db3ca0eade2ff7a80a625bf64626
8de651e82cb7debd428570833964b9f3ae5f4824c119d14cd05e2ca1b9a432ea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DE651E82CB7DEBD428570833964B9F3AE5F4824C119D14CD05E2CA1B9A432EA"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19968
Expires: Mon, 28 Nov 2022 19:16:11 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002

178.162.194.134

200 OK

485 B

URL HTTP/1.1
f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
IP
178.162.194.134:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
485 B (485 bytes)
Hash
f4db8d6b80685e10a5f8a7e7310fd1f6
28073e5415cd2763ebb540e8be24082301e44470
d56eb566ae5fdfd78c473d2b03b494dec98e2414565fb283c017e85154a6e339

HTTP Headers

GET /uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002 HTTP/1.1
Host: f2.cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Cookie: AU=66910b6b581db97b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 08 Nov 2022 10:15:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636a2c4c-4a7"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c0b0ccd4ff1e27e4626b21b2a8e85acd
e5e312c79e7ab681cc96247469405957d3841fb7
5554da64d03ec1ba9fa42bd6eec7eedf7e3537b89a81450d4e420483518700a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5554DA64D03EC1BA9FA42BD6EEC7EEDF7E3537B89A81450D4E420483518700A1"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 28 Nov 2022 19:43:23 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/css/style.css

178.162.194.134

200 OK

2.5 kB

URL HTTP/1.1
f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/css/style.css
IP
178.162.194.134:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
ASCII text
Size
2.5 kB (2467 bytes)
Hash
e4cde0ef75f8585c2e80aa2a92840cb4
52a38125e90ac3e5e9fc5e4abb76f3ad8b6eb785
8e67b2a5a27d2dc64d760e6263aa3b31c8df809a8e552703bd1ac80ccebad7b0

HTTP Headers

GET /uploads/media/1/9/54891/v1/css/style.css HTTP/1.1
Host: f2.cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Type: text/css
Last-Modified: Tue, 08 Nov 2022 10:15:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636a2c4c-307d"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Content-Encoding: gzip

4e699dd731.b509ab5b0d.com/22eb00ba0187b9ce8be616b23e830d23/3511?version_name=c

45.133.44.24

200 OK

887 B

URL HTTP/2
4e699dd731.b509ab5b0d.com/22eb00ba0187b9ce8be616b23e830d23/3511?version_name=c
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (887), with no line terminators
Size
887 B (887 bytes)
Hash
e73ff6153f3669ab0ba8ac83fcb71bbc
efcf370baeb8fc1a01c9080c7fa332b47e4916ea
614700afaa9eb3d7e9d3184f13a09949d658e512427bab541b80a2b9418f2b29

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /22eb00ba0187b9ce8be616b23e830d23/3511?version_name=c HTTP/1.1
Host: 4e699dd731.b509ab5b0d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 13:43:23 GMT
content-type: application/json
content-length: 887
server: nginx/1.18.0
cache-control: max-age=300
expires: Mon, 28 Nov 2022 13:48:23 GMT
x-proxy-cache: MISS
access-control-allow-origin: *
X-Firefox-Spdy: h2

jbm6c54upkui.com/watchnew?key=09cf4c3094c607f34f192871adcc4c44

173.233.137.36

200 OK

1.1 kB

URL HTTP/1.1
jbm6c54upkui.com/watchnew?key=09cf4c3094c607f34f192871adcc4c44
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.1 kB (1113 bytes)
Hash
9bbee41d47176acb55faa47b5aba0008
1e73f2de6c423b255218de0b5839768ac166bb53
469663cb810c482b1dced0a569b6ed7540768b5ebf9440322609faedbc837864

HTTP Headers

GET /watchnew?key=09cf4c3094c607f34f192871adcc4c44 HTTP/1.1
Host: jbm6c54upkui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16358553; expires=Tue, 29 Nov 2022 13:43:23 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODU1MywiayI6IjA5Y2Y0YzMwOTRjNjA3ZjM0ZjE5Mjg3MWFkY2M0YzQ0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjgwNjUyLCJwaWQiOjE3NTIwOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoidXc1Z2c3NHhkbiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9jaXR5dHJlbmQuY29tLm5nLyJ9fQ.8PkZjRZFdHGCXlgydiQRpk_ZRX__uMjMKMcSBHxnbUA; expires=Mon, 28 Nov 2022 13:44:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a21ead3f47c2811dbb351bb59fef4e4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

f2.cdn.ftd.agency/libs/banner_html5.js

178.162.194.134

200 OK

879 B

URL HTTP/1.1
f2.cdn.ftd.agency/libs/banner_html5.js
IP
178.162.194.134:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
ASCII text
Size
879 B (879 bytes)
Hash
cd7724156280fa8c0921a6f399c118ba
3c5bfee8d57e22fa1cbaa31541989471d5b1f396
970448c1dded7ff0748f1099362d3494222704805b575740eed3005d4b9bc61a

HTTP Headers

GET /libs/banner_html5.js HTTP/1.1
Host: f2.cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Apr 2019 12:08:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cac8b35-8b8"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Content-Encoding: gzip

f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/img/s1-girl.png

178.162.194.134

200 OK

7.1 kB

URL HTTP/1.1
f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/img/s1-girl.png
IP
178.162.194.134:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
PNG image data, 97 x 140, 8-bit colormap, non-interlaced\012- data
Size
7.1 kB (7138 bytes)
Hash
0c35ce4c32b2afcba58aded86f7ed1c0
8ddb5bfff26c8b0fd71f25f2d8064a0a1aa48a3f
0cfbc58aca75385b58e6c4ddbffb055186e1bc27ac9001468f06db87a41c52b9

HTTP Headers

GET /uploads/media/1/9/54891/v1/img/s1-girl.png HTTP/1.1
Host: f2.cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Type: image/png
Content-Length: 7138
Last-Modified: Tue, 08 Nov 2022 10:15:40 GMT
Connection: keep-alive
ETag: "636a2c4c-1be2"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Accept-Ranges: bytes

f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/img/s2-girl.png

178.162.194.134

200 OK

7.7 kB

URL HTTP/1.1
f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/img/s2-girl.png
IP
178.162.194.134:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
PNG image data, 123 x 169, 8-bit colormap, non-interlaced\012- data
Size
7.7 kB (7722 bytes)
Hash
e3dc86f775301b21812d8da4ea8363f1
a928b25576903a7de8d61bedee0192054faa8689
bf9f9a8d6a05245a867cd34f4ed99ef10bf8611f99173b1fb607077a76513765

HTTP Headers

GET /uploads/media/1/9/54891/v1/img/s2-girl.png HTTP/1.1
Host: f2.cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Type: image/png
Content-Length: 7722
Last-Modified: Tue, 08 Nov 2022 10:15:40 GMT
Connection: keep-alive
ETag: "636a2c4c-1e2a"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Accept-Ranges: bytes

f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/img/logo.png

178.162.194.134

200 OK

2.0 kB

URL HTTP/1.1
f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/img/logo.png
IP
178.162.194.134:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
PNG image data, 196 x 44, 8-bit colormap, non-interlaced\012- data
Size
2.0 kB (1972 bytes)
Hash
cd13f7c084327662a73584d4f14038cd
8475bcddc3fbed6453c94d8ce5005d045d788476
973e58224b0d759d0d0f4798a0cc8f3e00a1ad8c10f11dc53a85f65826a890d3

HTTP Headers

GET /uploads/media/1/9/54891/v1/img/logo.png HTTP/1.1
Host: f2.cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Type: image/png
Content-Length: 1972
Last-Modified: Tue, 08 Nov 2022 10:15:40 GMT
Connection: keep-alive
ETag: "636a2c4c-7b4"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Accept-Ranges: bytes

f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/img/s1-logo.png

178.162.194.134

200 OK

3.0 kB

URL HTTP/1.1
f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/img/s1-logo.png
IP
178.162.194.134:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
PNG image data, 146 x 89, 8-bit colormap, non-interlaced\012- data
Size
3.0 kB (3046 bytes)
Hash
bf46d47951103eaf1b4380f19128887b
8c2d1bc13cfdfec6186c526c0c90a55a008c9fed
c0de538c9731d118d4fba62969b692c97c21e8c7e058a0833104b41ef190ae21

HTTP Headers

GET /uploads/media/1/9/54891/v1/img/s1-logo.png HTTP/1.1
Host: f2.cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Type: image/png
Content-Length: 3046
Last-Modified: Tue, 08 Nov 2022 10:15:40 GMT
Connection: keep-alive
ETag: "636a2c4c-be6"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

1.2 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, max compression\012- data
Size
1.2 kB (1150 bytes)
Hash
7015755c643bbb81b3fda2fda417768e
d28faf909e6b913850e74b7a23c798f603e6dc1c
6d467bc579751cee112a20976cd295c2fb0bb39d0744a97ea25f623a12094b80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5A56638F91D9149919A5E49BA8A7E93F81F05D93ED690A5D455B2DA661B537A"
Last-Modified: Sat, 26 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12475
Expires: Mon, 28 Nov 2022 17:11:18 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

js.wpadmngr.com/npc/sdk/wp-banners.js

45.133.44.24

200 OK

0 B

URL HTTP/2
js.wpadmngr.com/npc/sdk/wp-banners.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 13:43:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Mon, 28 Nov 2022 13:48:23 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

jbm6c54upkui.com/5f247bc4616b77a82439f0dac7d7af5d/invoke.js

173.233.137.36

200 OK

9.3 kB

URL HTTP/1.1
jbm6c54upkui.com/5f247bc4616b77a82439f0dac7d7af5d/invoke.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
Unicode text, UTF-8 text, with very long lines (25102), with no line terminators
Size
9.3 kB (9283 bytes)
Hash
71252966e8bf792cd5021fb503ed895e
98a731ab705b1975dfd12f249984ae3340fe97e6
4cf4de1c78236d653cf79fb7eaa6b79d6e11cf8d0c749157f95e6f00ac2cc9b2

HTTP Headers

GET /5f247bc4616b77a82439f0dac7d7af5d/invoke.js HTTP/1.1
Host: jbm6c54upkui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 43528888f719ac7b2f0f378d9865fe24
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pushazam.com/custom

139.45.197.251

200 OK

0 B

URL HTTP/2
pushazam.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://citytrend.com.ng/
Origin: https://citytrend.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:23 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://citytrend.com.ng
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

pushazam.com/event

139.45.197.251

200 OK

0 B

URL HTTP/2
pushazam.com/event
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://citytrend.com.ng/
Origin: https://citytrend.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:23 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://citytrend.com.ng
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size
16 kB (15660 bytes)
Hash
d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

HTTP Headers

GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2.cdn.ftd.agency
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 22:17:43 GMT
expires: Wed, 22 Nov 2023 22:17:43 GMT
cache-control: public, max-age=31536000
age: 487540
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pushazam.com/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
pushazam.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citytrend.com.ng/
Content-Type: application/json
Origin: https://citytrend.com.ng
Content-Length: 354
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:23 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 80e37344e6b5df071700ec6604abb4f4
access-control-allow-origin: https://citytrend.com.ng
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/img/glare.png

178.162.194.134

200 OK

0 B

URL HTTP/1.1
f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/img/glare.png
IP
178.162.194.134:0
ASN
#28753 Leaseweb Deutschland GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/media/1/9/54891/v1/img/glare.png HTTP/1.1
Host: f2.cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/css/style.css
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Type: image/png
Content-Length: 0
Last-Modified: Thu, 24 Nov 2022 13:11:52 GMT
Connection: keep-alive
ETag: "637f6d98-0"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Accept-Ranges: bytes

pushazam.com/event

139.45.197.251

200 OK

94 B

URL HTTP/2
pushazam.com/event
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
c27da64944e8d7dfb8aa9ea5a3469d14
1556dc2d61cd4934b0de777124fab005155921a7
3d03bd56ad6a9297dd7191d5b67d35f6120f289b9d470e906634bd3386c67082

HTTP Headers

POST /event HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citytrend.com.ng/
Content-Type: application/json
Origin: https://citytrend.com.ng
Content-Length: 1375
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:23 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 094e404edac35a4e0425a5859b0d6050
access-control-allow-origin: https://citytrend.com.ng
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jbm6c54upkui.com/watchnew?shu=6be78702462c64a583f1b92d49b12cfdc0fe5e94e53722368989410c0e5d7a9ce97da6edf2da0f404a83aadca03b4ce459736124bb4b58915162e661c9e7286dff4026b157f3a72ffaef670b3eff335fc8025feb06d587afb5ad75f9a22d4295&pst=1669643063&rmtc=t&uuid=&pii=&in=false&key=09cf4c3094c607f34f192871adcc4c44&refer=https%3A%2F%2Fcitytrend.com.ng%2F

173.233.137.36

200 OK

783 B

URL HTTP/1.1
jbm6c54upkui.com/watchnew?shu=6be78702462c64a583f1b92d49b12cfdc0fe5e94e53722368989410c0e5d7a9ce97da6edf2da0f404a83aadca03b4ce459736124bb4b58915162e661c9e7286dff4026b157f3a72ffaef670b3eff335fc8025feb06d587afb5ad75f9a22d4295&pst=1669643063&rmtc=t&uuid=&pii=&in=false&key=09cf4c3094c607f34f192871adcc4c44&refer=https%3A%2F%2Fcitytrend.com.ng%2F
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (569)
Size
783 B (783 bytes)
Hash
8af081c43b9ebcf9703a475fe083980a
ab62fa2e0d7a1ff2c6fa13f7e91672d648354fa2
9d4a638a2e29cc460f9234ae9aaa3ce75c2afa0be275d5c72e35f474ce1f2fbb

HTTP Headers

GET /watchnew?shu=6be78702462c64a583f1b92d49b12cfdc0fe5e94e53722368989410c0e5d7a9ce97da6edf2da0f404a83aadca03b4ce459736124bb4b58915162e661c9e7286dff4026b157f3a72ffaef670b3eff335fc8025feb06d587afb5ad75f9a22d4295&pst=1669643063&rmtc=t&uuid=&pii=&in=false&key=09cf4c3094c607f34f192871adcc4c44&refer=https%3A%2F%2Fcitytrend.com.ng%2F HTTP/1.1
Host: jbm6c54upkui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jbm6c54upkui.com/watchnew?key=09cf4c3094c607f34f192871adcc4c44
Cookie: u_pl=16358553; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODU1MywiayI6IjA5Y2Y0YzMwOTRjNjA3ZjM0ZjE5Mjg3MWFkY2M0YzQ0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjgwNjUyLCJwaWQiOjE3NTIwOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoidXc1Z2c3NHhkbiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9jaXR5dHJlbmQuY29tLm5nLyJ9fQ.8PkZjRZFdHGCXlgydiQRpk_ZRX__uMjMKMcSBHxnbUA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Type: text/html
Content-Length: 783
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://citytrend.com.ng/
Access-Control-Allow-Origin: https://citytrend.com.ng/
Access-Control-Allow-Credentials: true
Set-Cookie: iprcb2124f92fe2ab065e1ad95371beca439=2717289; expires=Tue, 29 Nov 2022 15:43:23 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 13:43:23 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 13:43:23 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 29 Nov 2022 13:43:23 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 29 Nov 2022 13:43:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 893bec32b683cefa21e6b2aac22c194f
Strict-Transport-Security: max-age=0; includeSubdomains

s.w.org/images/core/emoji/14.0.0/svg/1f447.svg

192.0.77.48

200 OK

803 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f447.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (558), with no line terminators
Size
803 B (803 bytes)
Hash
be7acd69eecd5e4cf23339ae823ab3b5
3ad22d92b60072f1b3d65dabda66ac29bb1e3f7a
52dccd280cd2503e62a7c9a7e560f49549e42d1ebb3c408367dd23ebe4f89542

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f447.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12311d72bd934a6307384c09250190f4
d0c2e4887c99217f6158ef673534ea9bbb331b29
c9b2ca2ab1e5658626ecb8d859f2ede02dbdfdb2bc9f659150e8950b75d8d982

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9B2CA2AB1E5658626ECB8D859F2EDE02DBDFDB2BC9F659150E8950B75D8D982"
Last-Modified: Sun, 27 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14608
Expires: Mon, 28 Nov 2022 17:46:51 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

c5400bbaf2.04cbf4193b.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjQ4MDAwNTk3MTIzNTc0MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjM1MTEsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40MSwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRG93bmxvYWQlMkNUb20lMkNNYWNEb25hbGQlMkMlRTIlODAlOTQlMkNSZW5lZ2FkZSUyQyhBbGJ1bSklMkMlQzIlQkIlMkNDaXR5dHJlbmRUdiUyQ3YyLjAlMjAifQ==

45.133.44.25

200 OK

0 B

URL HTTP/2
c5400bbaf2.04cbf4193b.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjQ4MDAwNTk3MTIzNTc0MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjM1MTEsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40MSwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRG93bmxvYWQlMkNUb20lMkNNYWNEb25hbGQlMkMlRTIlODAlOTQlMkNSZW5lZ2FkZSUyQyhBbGJ1bSklMkMlQzIlQkIlMkNDaXR5dHJlbmRUdiUyQ3YyLjAlMjAifQ==
IP
45.133.44.25:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjQ4MDAwNTk3MTIzNTc0MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjM1MTEsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40MSwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRG93bmxvYWQlMkNUb20lMkNNYWNEb25hbGQlMkMlRTIlODAlOTQlMkNSZW5lZ2FkZSUyQyhBbGJ1bSklMkMlQzIlQkIlMkNDaXR5dHJlbmRUdiUyQ3YyLjAlMjAifQ== HTTP/1.1
Host: c5400bbaf2.04cbf4193b.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 13:43:23 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2538
Expires: Mon, 28 Nov 2022 14:25:41 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2538
Expires: Mon, 28 Nov 2022 14:25:41 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2538
Expires: Mon, 28 Nov 2022 14:25:41 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 56527
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10199 bytes)
Hash
2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 57100
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6263 bytes)
Hash
b24e349e9d22fb30fbc80497b512cead
c033d1ecdb9e7640f3df044e39053bed8292fcbc
2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpU6HS6f0BpRceJVfwhBhOgKMTMvdMZj4ST9DMATiqfA10pNplyPtQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 57139
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9063 bytes)
Hash
e615cdc2e330b5cf76435abce9aa631a
71f737c3cee7766494157cd6491ce247a785c09e
853f68bf79a553b9fbf0e10391424faf0a3c071370d05d369563f7824d1bda84

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9063
x-amzn-requestid: f00ac8bd-6466-4c92-9b99-0e71b4b2345c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Jr4ENtoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2318-0e3a57932987e29521388dd7;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:04:56 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ntfumip5IjOlyoe6ASlwJ1PjPLN1yZHkK_iiDDKfmMCyI__PrrGVMA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:55:54 GMT
age: 6449
etag: "71f737c3cee7766494157cd6491ce247a785c09e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 19904
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6376 bytes)
Hash
78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 56517
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
db87895596c0c956807b0dc638046210
4a4ce983bb88db455cecf49d8b2f4ffc38199949
f7ef3722eca4faa85338c2c8add17c3c691dfae73dcfe76e569ff1345a4e4583

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7EF3722ECA4FAA85338C2C8ADD17C3C691DFAE73DCFE76E569FF1345A4E4583"
Last-Modified: Sun, 27 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4901
Expires: Mon, 28 Nov 2022 15:05:04 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b4758933b630027e6bd426b42937fb1
8745c6519e733d0d954a4a1e979f012f37383438
fd7c1b8ba14558d084637c12f7588f3b464d4ccf74051c5ef3d74712caf4f346

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD7C1B8BA14558D084637C12F7588F3B464D4CCF74051C5EF3D74712CAF4F346"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10854
Expires: Mon, 28 Nov 2022 16:44:17 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

0df76f9508.04cbf4193b.com/in/multy

168.119.25.22

204 No Content

0 B

URL HTTP/2
0df76f9508.04cbf4193b.com/in/multy
IP
168.119.25.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: 0df76f9508.04cbf4193b.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://citytrend.com.ng/
Origin: https://citytrend.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.18.0
date: Mon, 28 Nov 2022 13:43:23 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

4e699dd731.b509ab5b0d.com/d025a52ef006cf2ebb8ceb0b2aeacbc0.js

45.133.44.24

200 OK

73 kB

URL HTTP/2
4e699dd731.b509ab5b0d.com/d025a52ef006cf2ebb8ceb0b2aeacbc0.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
73 kB (72955 bytes)
Hash
c2b300e5f3345aa192e663c4f7265de1
c7c64fb0817e9cbf7f151094687b2fde7a548dc5
619fc2b4d96c1da2b3c04d5ebe03cfd7da53b264f5bf2d76298cc5cd872ff7dd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /d025a52ef006cf2ebb8ceb0b2aeacbc0.js HTTP/1.1
Host: 4e699dd731.b509ab5b0d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 13:43:23 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 22 Nov 2022 16:27:58 GMT
etag: W/"637cf88e-48777"
content-encoding: gzip
expires: Mon, 28 Nov 2022 13:48:23 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1f6b302933d460ab447356556838501c
00d2123ec7f0ef5bf0d648bf4d15e69cd9902f4e
8240f397607869e239c216ca93f78f84e25299c0ad4e7483b2bd53f7861142f0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8240F397607869E239C216CA93F78F84E25299C0AD4E7483B2BD53F7861142F0"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1
Expires: Mon, 28 Nov 2022 13:43:24 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

sandwichesinstinctive.com/pixel/nvrwe?error=timeout

192.243.59.20

200 OK

0 B

URL HTTP/1.1
sandwichesinstinctive.com/pixel/nvrwe?error=timeout
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/nvrwe?error=timeout HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.spikereekvelocity.com/m3vcib848?key=e83c7700ffb295fb282c692b9f778d17&psid=16358553

192.243.61.225

200 OK

1.2 kB

URL HTTP/1.1
www.spikereekvelocity.com/m3vcib848?key=e83c7700ffb295fb282c692b9f778d17&psid=16358553
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.2 kB (1243 bytes)
Hash
6a4768a60f1b67c58315bf85a7232d5b
19e22b35fce260268a2bb88daaea7be19433a051
2c9763367414bffc07f99f56ad873da97de9507ea9e780358c06a7219b7291de

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /m3vcib848?key=e83c7700ffb295fb282c692b9f778d17&psid=16358553 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jbm6c54upkui.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 13:43:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122935; expires=Tue, 29 Nov 2022 13:43:24 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjkzNSwiayI6ImU4M2M3NzAwZmZiMjk1ZmIyODJjNjkyYjlmNzc4ZDE3Iiwic2lkIjoiMTYzNTg1NTMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJtM3ZjaWI4NDgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vamJtNmM1NHVwa3VpLmNvbS8ifX0.78BHB2L0n1z22SesFiJei1NFpVmDTtROhFiZ6FZb4AM; expires=Mon, 28 Nov 2022 13:44:24 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 82987197d7f3718d560def80a7569a60
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
af1705e40c945deab01887e00cd8759d
622e4a511c836ac1d5f512554164a7abbf32208e
79fff1c1bb301959917bfe4f9bbc7eaf98dbf392bbcc467baea557a2bf9d0e47

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 16:32:20 GMT
Expires: Sat, 03 Dec 2022 16:32:19 GMT
Etag: "622e4a511c836ac1d5f512554164a7abbf32208e"
Cache-Control: max-age=441534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77138840cbb21bfa-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
af1705e40c945deab01887e00cd8759d
622e4a511c836ac1d5f512554164a7abbf32208e
79fff1c1bb301959917bfe4f9bbc7eaf98dbf392bbcc467baea557a2bf9d0e47

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 16:32:20 GMT
Expires: Sat, 03 Dec 2022 16:32:19 GMT
Etag: "622e4a511c836ac1d5f512554164a7abbf32208e"
Cache-Control: max-age=441534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771388412f78b4f4-OSL

www.spikereekvelocity.com/m3vcib848?shu=4ff5ed78ef152f17e55274127efbc615614b506ad91c532e8b76a51c1526bdd3f13baeb0f5c279ba5ffb4afdb43cfecac286c330f9d78df12413ba64ec5c548f0650ba17762aae4abd37dd0d5f83f9d8b07c5f66&pst=1669643064&rmtc=t&uuid=&pii=&in=false&key=e83c7700ffb295fb282c692b9f778d17&refer=https%3A%2F%2Fjbm6c54upkui.com%2F&psid=16358553

192.243.61.225

302 Found

0 B

URL HTTP/1.1
www.spikereekvelocity.com/m3vcib848?shu=4ff5ed78ef152f17e55274127efbc615614b506ad91c532e8b76a51c1526bdd3f13baeb0f5c279ba5ffb4afdb43cfecac286c330f9d78df12413ba64ec5c548f0650ba17762aae4abd37dd0d5f83f9d8b07c5f66&pst=1669643064&rmtc=t&uuid=&pii=&in=false&key=e83c7700ffb295fb282c692b9f778d17&refer=https%3A%2F%2Fjbm6c54upkui.com%2F&psid=16358553
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /m3vcib848?shu=4ff5ed78ef152f17e55274127efbc615614b506ad91c532e8b76a51c1526bdd3f13baeb0f5c279ba5ffb4afdb43cfecac286c330f9d78df12413ba64ec5c548f0650ba17762aae4abd37dd0d5f83f9d8b07c5f66&pst=1669643064&rmtc=t&uuid=&pii=&in=false&key=e83c7700ffb295fb282c692b9f778d17&refer=https%3A%2F%2Fjbm6c54upkui.com%2F&psid=16358553 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/m3vcib848?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122935
Cookie: u_pl=16122935; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjkzNSwiayI6ImU4M2M3NzAwZmZiMjk1ZmIyODJjNjkyYjlmNzc4ZDE3Iiwic2lkIjoiMTYzNTg1NTMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJtM3ZjaWI4NDgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vamJtNmM1NHVwa3VpLmNvbS8ifX0.78BHB2L0n1z22SesFiJei1NFpVmDTtROhFiZ6FZb4AM; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 13:43:24 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://gertrk.com/click.php?key=n9wbuyk5h0mq6m6x7xc5&SUB_ID_SHORT=18eee11e83a2ca0c70cff4591d117c3b&COST_CPC=0.002400&PLACEMENT_ID=16122935&CAMPAIGN_ID=691144&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2042909
Set-Cookie: iprcb8b7177771a70f2ea86eeedb1adeb4c9=3819930; expires=Tue, 29 Nov 2022 13:43:24 GMT
pdhtkv=true; expires=Tue, 29 Nov 2022 13:43:24 GMT
uncs=1; expires=Tue, 29 Nov 2022 13:43:24 GMT
pdhtkv28=true; expires=Tue, 29 Nov 2022 13:43:24 GMT
uncs28=1; expires=Tue, 29 Nov 2022 13:43:24 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 149a4afb366e2b772e2cef537c3ae310
Strict-Transport-Security: max-age=0; includeSubdomains

gertrk.com/click.php?key=n9wbuyk5h0mq6m6x7xc5&SUB_ID_SHORT=18eee11e83a2ca0c70cff4591d117c3b&COST_CPC=0.002400&PLACEMENT_ID=16122935&CAMPAIGN_ID=691144&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2042909

168.119.139.96

302 Found

347 B

URL HTTP/2
gertrk.com/click.php?key=n9wbuyk5h0mq6m6x7xc5&SUB_ID_SHORT=18eee11e83a2ca0c70cff4591d117c3b&COST_CPC=0.002400&PLACEMENT_ID=16122935&CAMPAIGN_ID=691144&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2042909
IP
168.119.139.96:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
347 B (347 bytes)
Hash
a3253cd7b23d9850cd53e9e5937233d8
ac4d94b99a1b4f5a97cf933b64b467cac600ced9
295ef4c9f94336f9432e6481c9888e7292c3198385985ad9c200306bcfac8c74

HTTP Headers

GET /click.php?key=n9wbuyk5h0mq6m6x7xc5&SUB_ID_SHORT=18eee11e83a2ca0c70cff4591d117c3b&COST_CPC=0.002400&PLACEMENT_ID=16122935&CAMPAIGN_ID=691144&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2042909 HTTP/1.1
Host: gertrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.18.0
date: Mon, 28 Nov 2022 13:43:24 GMT
content-type: text/html; charset=UTF-8
location: https://euro-times.org/no/vg?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c
set-cookie: uclick=ydvca3sc; expires=Tue, 29-Nov-2022 13:43:24 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c; expires=Tue, 29-Nov-2022 13:43:24 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

euro-times.org/no/vg/?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c

94.242.54.185

200 OK

37 kB

URL HTTP/1.1
euro-times.org/no/vg/?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16051)
Size
37 kB (37197 bytes)
Hash
fd27b5bacbacc94bc34df9b436b8990e
3e178e5df3c837795baf54ef00000272dd505d08
c4556dd6e3e679399ec828c51c52cd44304ba4e25746e68c9e048ea6df7a8e8e

HTTP Headers

GET /no/vg/?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:24 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

euro-times.org/no/vg/vendor.67e32aaf581c20179082.css

94.242.54.185

200 OK

60 kB

URL HTTP/1.1
euro-times.org/no/vg/vendor.67e32aaf581c20179082.css
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
ASCII text, with very long lines (59489)
Size
60 kB (59548 bytes)
Hash
1e0d1ba4e4338c872503027231d9dc3b
e34dec9da85672c3980361b52b74ea476328e661
f9fe5280ae54a95dc50e6cacfd7ff7815ff23439761c00ff95719c84b261e769

HTTP Headers

GET /no/vg/vendor.67e32aaf581c20179082.css HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:24 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:28 GMT
Accept-Ranges: bytes
Content-Length: 59548
Cache-Control: max-age=2592000
Expires: Wed, 28 Dec 2022 13:43:24 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

euro-times.org/no/vg/css.css

94.242.54.185

200 OK

6.9 kB

URL HTTP/1.1
euro-times.org/no/vg/css.css
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
ASCII text
Size
6.9 kB (6904 bytes)
Hash
d466b4fce52545fc65db3dea539f295e
122c952287f265a041f49984e76d4c4b91d8793e
1bb33da015e40392c387bdb088b426bd437fa0d25195c56d73e722f1a4a45c92

HTTP Headers

GET /no/vg/css.css HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://euro-times.org/no/vg/vendor.67e32aaf581c20179082.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:16 GMT
Accept-Ranges: bytes
Content-Length: 6904
Cache-Control: max-age=2592000
Expires: Wed, 28 Dec 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

euro-times.org/no/vg/landing.js

94.242.54.185

200 OK

2.7 kB

URL HTTP/1.1
euro-times.org/no/vg/landing.js
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2695 bytes)
Hash
6f097f34f0d7d31372d8d10efb8b5bc5
abfdda42379821c0d427f7bafa00fa10aca78130
45a2c3718857a6d88bbea4677e8b3d15a36f09c2f9cffa89b38cc8cfd76178e8

HTTP Headers

GET /no/vg/landing.js HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:24 GMT
Accept-Ranges: bytes
Content-Length: 2695
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

euro-times.org/no/vg/app.67e32aaf581c20179082.css

94.242.54.185

200 OK

132 kB

URL HTTP/1.1
euro-times.org/no/vg/app.67e32aaf581c20179082.css
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
132 kB (131940 bytes)
Hash
89fa8a5de4a0df4f1ebbb6916391fc3d
2e3ea867be2bc412e7bbfd132845ebf061cedc4b
3b65b1c726a2308821d8b57be5c421fe119cf8bedfc7d510373bdf136b25e169

HTTP Headers

GET /no/vg/app.67e32aaf581c20179082.css HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:18 GMT
Accept-Ranges: bytes
Content-Length: 131940
Cache-Control: max-age=2592000
Expires: Wed, 28 Dec 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

euro-times.org/no/vg/4.jpg

94.242.54.185

200 OK

2.9 kB

URL HTTP/1.1
euro-times.org/no/vg/4.jpg
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
JPEG image data, baseline, precision 8, 100x75, components 3\012- data
Size
2.9 kB (2894 bytes)
Hash
3e9ed2110941d9ef87cb94e45a33e7d9
62bbff3e512d8efe6a68da04ee2d45c4dc3abcbc
2815085a27a60c37d33139ea602e2a605a7a8f40ff72d0b00ba361eaed358f84

HTTP Headers

GET /no/vg/4.jpg HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:20 GMT
Accept-Ranges: bytes
Content-Length: 2894
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

euro-times.org/no/vg/b.jpg

94.242.54.185

200 OK

97 kB

URL HTTP/1.1
euro-times.org/no/vg/b.jpg
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 993x614, components 3\012- data
Size
97 kB (97034 bytes)
Hash
f2d69a62db1116858a861ae6d2986083
8ba42fbda070dcbda267db7a5e9022a50120e29f
6107b8c6ed4f52a29b516deac8efe4b80a8c23f7685ab039f4b91eeb4dc0fc09

HTTP Headers

GET /no/vg/b.jpg HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 30 Sep 2018 17:08:58 GMT
Accept-Ranges: bytes
Content-Length: 97034
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

euro-times.org/no/vg/3.jpg

94.242.54.185

200 OK

3.0 kB

URL HTTP/1.1
euro-times.org/no/vg/3.jpg
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
JPEG image data, baseline, precision 8, 100x75, components 3\012- data
Size
3.0 kB (2974 bytes)
Hash
63295a967f84119e4ed60176db557802
0f7cf3da84692b77156e61009670e2a4ad8f24e0
fd6bc83266fa8a104e1b767da0f1624edf26c38be0755834adfb2205be09c076

HTTP Headers

GET /no/vg/3.jpg HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:16 GMT
Accept-Ranges: bytes
Content-Length: 2974
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

euro-times.org/no/vg/2.jpg

94.242.54.185

200 OK

2.3 kB

URL HTTP/1.1
euro-times.org/no/vg/2.jpg
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
JPEG image data, baseline, precision 8, 100x75, components 3\012- data
Size
2.3 kB (2341 bytes)
Hash
87c8eb24f85fa30bb0a90563a69cdea4
df45836de015b1638505ecb4c947995d0896057c
02a85ec09ad22e617c08be3386fafcbd688ac8cbedffcc90f4a9a47b9b0ac6e8

HTTP Headers

GET /no/vg/2.jpg HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:28 GMT
Accept-Ranges: bytes
Content-Length: 2341
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

euro-times.org/no/vg/mapbox-gl.css

94.242.54.185

200 OK

40 kB

URL HTTP/1.1
euro-times.org/no/vg/mapbox-gl.css
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
ASCII text, with very long lines (13302)
Size
40 kB (39768 bytes)
Hash
5805495ed9ceac85c259bc9031d77b15
ca5140c4b10c476efc309166aaa3dfdc841748e8
70659bc9428ad79353ad8ce663c4b3b145af109a5b3e31c062f7c758706d04f7

HTTP Headers

GET /no/vg/mapbox-gl.css HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://euro-times.org/no/vg/app.67e32aaf581c20179082.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:26 GMT
Accept-Ranges: bytes
Content-Length: 39768
Cache-Control: max-age=2592000
Expires: Wed, 28 Dec 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

euro-times.org/no/vg/css.1.css

94.242.54.185

200 OK

5.4 kB

URL HTTP/1.1
euro-times.org/no/vg/css.1.css
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
ASCII text
Size
5.4 kB (5446 bytes)
Hash
8054a406a0f2d3aa2ec8e4c4b8e9c418
b399ed5e75a1d87921055caa08d4edff4b9431d8
17bd4bcb69e324586fcc2400c75915b7dfdc25a4ecb96fedd885dbb2fbcbf793

HTTP Headers

GET /no/vg/css.1.css HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://euro-times.org/no/vg/app.67e32aaf581c20179082.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:24 GMT
Accept-Ranges: bytes
Content-Length: 5446
Cache-Control: max-age=2592000
Expires: Wed, 28 Dec 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

euro-times.org/no/vg/c.jpg

94.242.54.185

200 OK

45 kB

URL HTTP/1.1
euro-times.org/no/vg/c.jpg
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x534, components 3\012- data
Size
45 kB (45155 bytes)
Hash
d2cef70e5a0d7da1d6397af10a73d730
99b428cb59c651c66862cc4c4e8075366fb030fc
16f7054030df372428fbc9178aaf5936d3759d56ea717ee0e3af20eb7f6d2e44

HTTP Headers

GET /no/vg/c.jpg HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Mon, 28 Nov 2022 06:57:26 GMT
Accept-Ranges: bytes
Content-Length: 45155
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

euro-times.org/no/vg/1.jpg

94.242.54.185

200 OK

2.4 kB

URL HTTP/1.1
euro-times.org/no/vg/1.jpg
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
JPEG image data, baseline, precision 8, 100x75, components 3\012- data
Size
2.4 kB (2352 bytes)
Hash
1dbbfde744cb9af22e0fc12f86792f1d
9fde5f98c88e2c5e03b44652bd2894d275f0263d
2041bc9199b8f2181e52e8554ca8d9126913d7913a7428d5e5ccae8e7c7392a7

HTTP Headers

GET /no/vg/1.jpg HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:24 GMT
Accept-Ranges: bytes
Content-Length: 2352
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

euro-times.org/no/vg/a.jpg

94.242.54.185

200 OK

26 kB

URL HTTP/1.1
euro-times.org/no/vg/a.jpg
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x334, components 3\012- data
Size
26 kB (25674 bytes)
Hash
94c3ec372b05fc9bade546f4d23ff3db
c4767884c046decc290fb6e0e7c2ec05ebd22034
bf0da41d83412ede1e2bfea83e775a291839b06a1bb9b4c41f75045a6d7038ba

HTTP Headers

GET /no/vg/a.jpg HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:26 GMT
Accept-Ranges: bytes
Content-Length: 25674
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

euro-times.org/no/vg/3b9f95a06cd9fc9306ed4b0ec723efcf.woff2

94.242.54.185

200 OK

27 kB

URL HTTP/1.1
euro-times.org/no/vg/3b9f95a06cd9fc9306ed4b0ec723efcf.woff2
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
Web Open Font Format (Version 2), TrueType, length 26808, version 1.1311\012- data
Size
27 kB (26808 bytes)
Hash
3b9f95a06cd9fc9306ed4b0ec723efcf
cb944d4c9f62c13e6ccf0003542c164fb800b5ad
350217883795851e952edd10f09e244e2e385532b55fc26a55ef423bad2d7502

HTTP Headers

GET /no/vg/3b9f95a06cd9fc9306ed4b0ec723efcf.woff2 HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://euro-times.org/no/vg/vendor.67e32aaf581c20179082.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:26 GMT
Accept-Ranges: bytes
Content-Length: 26808
Cache-Control: max-age=172800
Expires: Wed, 30 Nov 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2

euro-times.org/no/vg/addesk.php

94.242.54.185

200 OK

43 B

URL HTTP/1.1
euro-times.org/no/vg/addesk.php
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6b552c49e4947f4e0ca8830489ab4755
24c37b7fed326d6bed050ba6d605a195e3e80635
ff11de8dd53431deb0047e022373452b60b0b432a9be16ee04121a7ced084337

HTTP Headers

GET /no/vg/addesk.php HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

euro-times.org/no/vg/4dce9ca26ac8769a82cb76b8a72b2a93.woff2

94.242.54.185

200 OK

23 kB

URL HTTP/1.1
euro-times.org/no/vg/4dce9ca26ac8769a82cb76b8a72b2a93.woff2
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
Web Open Font Format (Version 2), TrueType, length 23272, version 1.1311\012- data
Size
23 kB (23272 bytes)
Hash
4dce9ca26ac8769a82cb76b8a72b2a93
789f126c024d4977beb17d279f855c7d49f90461
2a1102749787811a8a8867540a17a0b3e05061683622c2c3ae78d3d382772e18

HTTP Headers

GET /no/vg/4dce9ca26ac8769a82cb76b8a72b2a93.woff2 HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://euro-times.org/no/vg/vendor.67e32aaf581c20179082.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:22 GMT
Accept-Ranges: bytes
Content-Length: 23272
Cache-Control: max-age=172800
Expires: Wed, 30 Nov 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 13:43:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

euro-times.org/no/vg/7c88e5323e2bf5d49fd0c8d87c030ccd.woff2

94.242.54.185

200 OK

21 kB

URL HTTP/1.1
euro-times.org/no/vg/7c88e5323e2bf5d49fd0c8d87c030ccd.woff2
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
Web Open Font Format (Version 2), TrueType, length 21260, version 1.1311\012- data
Size
21 kB (21260 bytes)
Hash
7c88e5323e2bf5d49fd0c8d87c030ccd
713d1194a0c98639323d8c06a548df511cfedde9
c24cea5caf526a74d30801adc8b85a1b4f42f83a20318a212d358890d5a3148d

HTTP Headers

GET /no/vg/7c88e5323e2bf5d49fd0c8d87c030ccd.woff2 HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://euro-times.org/no/vg/vendor.67e32aaf581c20179082.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:22 GMT
Accept-Ranges: bytes
Content-Length: 21260
Cache-Control: max-age=172800
Expires: Wed, 30 Nov 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2

fonts.gstatic.com/s/notosans/v7/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

216.58.207.195

200 OK

9.9 kB

URL HTTP/2
fonts.gstatic.com/s/notosans/v7/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9944, version 1.0\012- data
Size
9.9 kB (9944 bytes)
Hash
85486c163ae98867f1372ca48442a118
1ac9e1c0bda612393d7f16958266a52e4ada8efa
ede8a63ae7f13de45eeb9c9156f791c7ee1d588f931cc54f4d8754154cbd3a52

HTTP Headers

GET /s/notosans/v7/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://euro-times.org
Connection: keep-alive
Referer: https://euro-times.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9944
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 02:07:55 GMT
expires: Fri, 24 Nov 2023 02:07:55 GMT
cache-control: public, max-age=31536000
age: 387330
last-modified: Wed, 11 Oct 2017 18:25:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosans/v7/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

216.58.207.195

200 OK

9.7 kB

URL HTTP/2
fonts.gstatic.com/s/notosans/v7/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9716, version 1.0\012- data
Size
9.7 kB (9716 bytes)
Hash
0c72437d3bc183ca78f71836a310a706
df5694192d18b520888505aef04dcf8acaed6a0f
693448f744bc3f7709d647cf0e9efa64ce50c54e98b816ecfb530a5590114efe

HTTP Headers

GET /s/notosans/v7/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://euro-times.org
Connection: keep-alive
Referer: https://euro-times.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9716
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 18:28:26 GMT
expires: Mon, 27 Nov 2023 18:28:26 GMT
cache-control: public, max-age=31536000
age: 69299
last-modified: Wed, 11 Oct 2017 18:25:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

euro-times.org/no/vg/favicon.ico

94.242.54.185

200 OK

318 B

URL HTTP/1.1
euro-times.org/no/vg/favicon.ico
IP
94.242.54.185:0
ASN
#43317 FNK LLC

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Size
318 B (318 bytes)
Hash
a5ab8ad2fd256f4ab4d9395a785463f5
f42e0bf9b2b057991b1732dca73f9042bfafa291
a6b8db404acfc856ae0ce12515d8b41e3d9adf84b3d37a183787dab935d84f6f

HTTP Headers

GET /no/vg/favicon.ico HTTP/1.1
Host: euro-times.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:30 GMT
Accept-Ranges: bytes
Content-Length: 318
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/x-icon

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10119 bytes)
Hash
15bd53848c7082464273007e010c54e0
9a3ca698ca1aeae695923277ed2244465e01a1ea
36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U_gitOWWMPO7M5Dd0WktaigfRERa93d86MhziLjZ2qnuON_K5NauyQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:54:37 GMT
age: 56933
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

pushazam.com/ntfc.php?p=2697734

139.45.197.251

200 OK

0 B

URL HTTP/2
pushazam.com/ntfc.php?p=2697734
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ntfc.php?p=2697734 HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-38a8"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Didact+Gothic&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Didact+Gothic&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Didact+Gothic&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 13:43:22 GMT
date: Mon, 28 Nov 2022 13:43:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,400italic,700,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 13:43:22 GMT
date: Mon, 28 Nov 2022 13:43:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pushazam.com/pfe/current/universal.min.js?v=3.1.405

139.45.197.251

200 OK

0 B

URL HTTP/2
pushazam.com/pfe/current/universal.min.js?v=3.1.405
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.405 HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citytrend.com.ng/
Origin: https://citytrend.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-180b9"
access-control-allow-origin: https://citytrend.com.ng
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Atkinson+Hyperlegible%3A400%2C400i%2C700%2C700i%2C400ii%2C700ii%7CAladin%3A400%2C400i%7CFedero%3A400%2C400i%7CAndika%3A400%2C400i%2C700%2C700i%2C400ii%2C700ii%7CCharis+SIL%3A400%2C400i%2C700%2C700i%2C400ii%2C700ii&display=swap&subset=all&ver=3.2.5

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Atkinson+Hyperlegible%3A400%2C400i%2C700%2C700i%2C400ii%2C700ii%7CAladin%3A400%2C400i%7CFedero%3A400%2C400i%7CAndika%3A400%2C400i%2C700%2C700i%2C400ii%2C700ii%7CCharis+SIL%3A400%2C400i%2C700%2C700i%2C400ii%2C700ii&display=swap&subset=all&ver=3.2.5
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Atkinson+Hyperlegible%3A400%2C400i%2C700%2C700i%2C400ii%2C700ii%7CAladin%3A400%2C400i%7CFedero%3A400%2C400i%7CAndika%3A400%2C400i%2C700%2C700i%2C400ii%2C700ii%7CCharis+SIL%3A400%2C400i%2C700%2C700i%2C400ii%2C700ii&display=swap&subset=all&ver=3.2.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 13:43:22 GMT
date: Mon, 28 Nov 2022 13:43:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

4e699dd731.b509ab5b0d.com/f210f7ba21a960e73ad5cec27304caa6.js

45.133.44.24

200 OK

0 B

URL HTTP/2
4e699dd731.b509ab5b0d.com/f210f7ba21a960e73ad5cec27304caa6.js
IP
45.133.44.24:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /f210f7ba21a960e73ad5cec27304caa6.js HTTP/1.1
Host: 4e699dd731.b509ab5b0d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 13:43:22 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 15 Nov 2022 13:38:16 GMT
etag: W/"63739648-17810"
content-encoding: gzip
expires: Mon, 28 Nov 2022 13:48:22 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations