Overview

URLcitytrend.com.ng/download-tom-macdonald-renegade-album/
IP 45.131.1.208 (Turkey)
ASN#211376 Kaan Girgin
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-28 13:43:33 UTC
StatusLoading report..
IDS alerts0
Blocklist alert9
urlquery alerts No alerts detected
Tags None

Domain Summary (31)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
euro-times.org (19) 188969 2020-10-18 11:19:54 UTC 2022-11-28 07:02:42 UTC 94.242.54.185
fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-11-28 05:48:59 UTC 142.250.74.10
images.dmca.com (2) 11903 2014-01-31 13:53:17 UTC 2020-04-29 21:39:18 UTC 151.139.128.10
www.googletagmanager.com (2) 75 2013-05-22 02:07:37 UTC 2022-11-28 06:09:03 UTC 142.250.74.168
4e699dd731.b509ab5b0d.com (3) 0 No data No data 45.133.44.24 Unknown ranking
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.41.252.32
www.spikereekvelocity.com (2) 0 2022-10-19 14:11:25 UTC 2022-11-28 05:14:23 UTC 192.243.61.225 Unknown ranking
jbm6c54upkui.com (3) 164512 2020-05-02 18:24:46 UTC 2022-11-07 13:36:02 UTC 173.233.137.36
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
fonts.gstatic.com (10) 0 2014-09-09 00:40:21 UTC 2022-11-28 05:49:11 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
z.cdn.ftd.agency (2) 109566 2019-06-19 16:10:01 UTC 2022-11-28 03:01:11 UTC 37.48.117.210
ocsp.sectigo.com (2) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.36
cdn.ftd.agency (1) 101581 2019-06-06 05:53:55 UTC 2022-11-28 03:01:11 UTC 37.48.117.210
js.wpadmngr.com (1) 25762 No data No data 45.133.44.24
c5400bbaf2.04cbf4193b.com (1) 0 No data No data 45.133.44.25 Unknown ranking
s.w.org (3) 748 2017-01-30 04:56:16 UTC 2022-11-28 05:50:47 UTC 192.0.77.48
0df76f9508.04cbf4193b.com (1) 0 No data No data 168.119.25.22 Unknown ranking
citytrend.com.ng (19) 0 2017-05-21 10:18:24 UTC 2022-11-20 06:53:42 UTC 45.131.1.208 Unknown ranking
r3.o.lencr.org (14) 344 No data No data 23.36.76.226
pixel.wp.com (1) 2545 2017-01-30 05:31:40 UTC 2022-11-28 05:51:35 UTC 192.0.76.3
pushazam.com (7) 0 2018-09-05 12:53:45 UTC 2022-11-28 08:19:20 UTC 139.45.197.251 Unknown ranking
stats.wp.com (1) 2711 2017-01-30 05:06:59 UTC 2022-11-28 05:51:34 UTC 192.0.76.3
gertrk.com (1) 0 2020-11-19 16:18:47 UTC 2022-11-28 07:02:40 UTC 168.119.139.96 Unknown ranking
sandwichesinstinctive.com (1) 0 2022-07-14 01:26:58 UTC 2022-11-28 08:57:29 UTC 192.243.59.20 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:46:10 UTC 34.117.237.239
f2.cdn.ftd.agency (8) 174428 2022-01-15 18:31:37 UTC 2022-11-28 03:01:11 UTC 178.162.194.134

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-28 2 pushazam.com/ntfc.php?p=2697734 Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-28 2 b509ab5b0d.com Sinkholed
2022-11-28 2 04cbf4193b.com Sinkholed
2022-11-28 2 04cbf4193b.com Sinkholed
2022-11-28 2 b509ab5b0d.com Sinkholed
2022-11-28 2 sandwichesinstinctive.com Sinkholed
2022-11-28 2 spikereekvelocity.com Sinkholed
2022-11-28 2 spikereekvelocity.com Sinkholed
2022-11-28 2 b509ab5b0d.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 45.131.1.208
Date UQ / IDS / BL URL IP
2023-01-14 21:14:33 +0000 0 - 2 - 19 suncoastcreditnuion.com/access.php 45.131.1.208
2022-12-01 04:30:55 +0000 45 - 0 - 112 uspsxpressdelivery.com/ 45.131.1.208
2022-11-28 13:43:33 +0000 0 - 0 - 9 citytrend.com.ng/download-tom-macdonald-reneg (...) 45.131.1.208


Last 5 reports on ASN: Kaan Girgin
Date UQ / IDS / BL URL IP
2023-02-01 08:24:41 +0000 0 - 1 - 2 verlfymyonlineacc.com/878a900a05382a00702dbf2 (...) 5.180.107.178
2023-02-01 08:24:40 +0000 0 - 0 - 2 verlfymyonlineacc.com/fb5cacc5aafad990c2236b6 (...) 5.180.107.178
2023-02-01 08:24:40 +0000 0 - 1 - 2 verlfymyonlineacc.com/7ff87e7009cfae935c441f3 (...) 5.180.107.178
2023-02-01 08:24:37 +0000 0 - 0 - 2 verlfymyonlineacc.com/2d858bceabe162e053052bc (...) 5.180.107.178
2023-02-01 06:14:01 +0000 8 - 0 - 3 verlfymyonlineacc.com/298445f769b70b8f9375c18 (...) 5.180.107.178


Last 1 reports on domain: citytrend.com.ng
Date UQ / IDS / BL URL IP
2022-11-28 13:43:33 +0000 0 - 0 - 9 citytrend.com.ng/download-tom-macdonald-reneg (...) 45.131.1.208


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-01 05:03:18 +0000 0 - 0 - 2 thhkn.bemobtrcks.com/go/25fca8d0-b95a-430d-ba (...) 3.70.16.242
2022-12-01 00:51:35 +0000 0 - 0 - 1 qwqwq.16f46.bt.wy5532.com/ 81.171.22.7
2022-11-30 12:42:46 +0000 0 - 0 - 1 37.1.209.213/xD252Hx3?host=virtual-mode.de/&m (...) 37.1.209.213
2022-11-29 23:02:28 +0000 0 - 0 - 3 sergerod.me/polini-65cc.html 104.21.80.169
2022-11-29 15:04:34 +0000 0 - 0 - 2 parkingridiculous.com/ja0zu4j1?key=0f22c1fd60 (...) 173.233.137.36

JavaScript

Executed Scripts (36)

Executed Evals (0)

Executed Writes (4)
#1 JavaScript::Write (size: 10) - SHA256: dc11e0f3e48c241b36f4769e0d70fbaf4200a136d10a1c112f4edf9613365e4d
27.11.2022
#2 JavaScript::Write (size: 17) - SHA256: c21157dff7402bcc8f8927f17a289f5585c69fafc4c0dd8279dfedd4e4fdc5d2
19. november 2022
#3 JavaScript::Write (size: 10) - SHA256: 2c63700810e4979b0ea4be23d3cd029a01212519136c81f8258900415ea1e92b
28.11.2022
#4 JavaScript::Write (size: 17) - SHA256: c011b88de68bbe655aa4fc8a2804d8cf6a680eadce2a4c2b3d6e74261c6c1207
29. november 2022


HTTP Transactions (131)


Request Response
                                        
                                            GET /download-tom-macdonald-renegade-album/ HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         45.131.1.208
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Connection: Keep-Alive
Content-Length: 706
Date: Mon, 28 Nov 2022 13:43:21 GMT
Server: LiteSpeed
Location: https://citytrend.com.ng/download-tom-macdonald-renegade-album/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   706
Md5:    67f3a5933c17b3ab044826d3927d0ba9
Sha1:   5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
Sha256: 97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12647
Expires: Mon, 28 Nov 2022 17:14:08 GMT
Date: Mon, 28 Nov 2022 13:43:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6301
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 13:43:21 GMT
Last-Modified: Mon, 28 Nov 2022 11:58:21 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10617
Expires: Mon, 28 Nov 2022 16:40:18 GMT
Date: Mon, 28 Nov 2022 13:43:21 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 13:19:32 GMT
cache-control: public,max-age=3600
age: 1429
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 14U+moxT4/osjH6Pgcc6hsly87gCW1K12KP0kmiNu4zWAY7m2EMk3iME4aGkBh6wVNP/h084hBg=
x-amz-request-id: VJB84M95B3195EE0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 13:42:05 GMT
age: 76
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:21 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 13:08:55 GMT
cache-control: public,max-age=3600
age: 2067
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4837
Cache-Control: max-age=161050
Date: Mon, 28 Nov 2022 13:43:22 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:27:32 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Tue, 15 Nov 2022 21:29:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   11616
Md5:    c4d7cc056b49b00e05cc29cc59aa3d5a
Sha1:   48c426bec60099d2a8628df430ed682c72aab42a
Sha256: 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
                                        
                                            GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2394
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11256), with no line terminators
Size:   2394
Md5:    ce94f62588d05264ac0148712111cb11
Sha1:   518bcd922f54169aeb199c0ccbc5877165ac218e
Sha256: 84ab658a69c39f424be0b27f61d612447d01606fce33beb962cbea53627d8c81
                                        
                                            GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 982
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4186), with no line terminators
Size:   982
Md5:    24f4d7f425e792ab35adaab50816e54a
Sha1:   9e25bf79b674ddb7ba09ad7f118c50ec473c02c8
Sha256: 1c78bfb4d523785a4ebd37bb1f79f214f9bdb16673f7cc50805f7f1a26ad7f83
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Wed, 02 Nov 2022 07:54:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   144
Md5:    fcbd239f30d9a6dd1f3637f291143d37
Sha1:   2871bf7d98af3f43e42f7fa32808048e7134fabf
Sha256: c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144
                                        
                                            GET /wp-content/themes/mh-magazine-lite/style.css?ver=30.0 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Sun, 18 Sep 2022 12:23:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9583
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (586), with CRLF line terminators
Size:   9583
Md5:    fffb2289893c483248ee25d12f6315e1
Sha1:   a3ee02f5a0c9ff16025678c4520ed697ca5e99e7
Sha256: 31ea10e581992d152c7e3410e0a2d752a99b06f842886218380438fcd4155ba2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /Badges/DMCABadgeHelper.min.js HTTP/1.1 
Host: images.dmca.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.139.128.10
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 28 Nov 2022 13:43:22 GMT
content-encoding: gzip
content-length: 395
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
accept-ranges: bytes
server: Microsoft-IIS/10.0
cache-control: public,max-age=31536000
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1669643002.cds224.sk1.hn,1669643002.cds225.sk1.c
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   395
Md5:    365ad8f83802168e7326b29df6a22f4a
Sha1:   a096aa3c7e46525c7b7c54cb6b7987f01559b688
Sha256: dafd787e6bf2c7ed10cb6c14f36ada4e5e9b7c15ffe7393cd6000acb946ebf13
                                        
                                            GET /Badges/dmca-badge-w150-5x1-11.png?ID=0e3d6568-ffc1-4947-b3ef-f0b5b6b7a3f3 HTTP/1.1 
Host: images.dmca.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.139.128.10
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 28 Nov 2022 13:43:22 GMT
content-length: 3953
last-modified: Mon, 25 Jul 2016 19:39:16 GMT
accept-ranges: bytes
server: Microsoft-IIS/10.0
cache-control: public,max-age=31536000
etag: "9694b03aace6d11:0"
x-powered-by: ASP.NET
x-hw: 1669643002.cds224.sk1.hn,1669643002.cds246.sk1.c
link: <https://www.dmca.com/Badges/dmca-badge-w150-5x1-11.png>; rel="canonical"
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 30, 8-bit/color RGBA, interlaced\012- data
Size:   3953
Md5:    a2e492628cd8e78a24c5872f38280347
Sha1:   4271298cc5d1aceca7df02d42cf0112ae0e868da
Sha256: b738afd4ae441186f7e5bf1a36abac671895499539dc504723d5a2f5f6a9a065
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: go8Uf1g3CxnFBbvx/KKnfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.41.252.32
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mJeq3Ng5SYaS4TsNeRXKp79ptok=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519A786E26B6DB1B5916BBD4E340A4D8EA5561619425B1B7251305338FAB2BEE"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4124
Expires: Mon, 28 Nov 2022 14:52:06 GMT
Date: Mon, 28 Nov 2022 13:43:22 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Wed, 16 Feb 2022 13:09:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6658
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   6658
Md5:    97c6ce9b4936f66aa388ad33c39aba2d
Sha1:   3f14a7e78fbb4935cf35c20779dc2035531849a9
Sha256: 1eea453c424793fc56ef14093c10b373e3ca8388a70e847394e8084048c5ce38
                                        
                                            GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Wed, 02 Nov 2022 21:29:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15569
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   15569
Md5:    689ebe98eda70de6e971dd03b18f0328
Sha1:   218ed8ee8e28b44f8492660c2c750f47ae0b3447
Sha256: 945844c773bb0f2ed5f1fb8d2f5ff8a4b9471860df265eda71fa679ff98ea80f
                                        
                                            GET /gtag/js?id=UA-134682053-2 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 13:43:22 GMT
expires: Mon, 28 Nov 2022 13:43:22 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43679
Md5:    d8cb5c2006d1027eba73a7a961b98d8a
Sha1:   af795e4bbf22a8cb4b8afa567437c29f15d91489
Sha256: ad4179c103158973ae7cf2584a95805ae94306231a24bd23183521dad47560e8
                                        
                                            GET /gtag/js?id=UA-57071470-2 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 13:43:22 GMT
expires: Mon, 28 Nov 2022 13:43:22 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43603
Md5:    5f105a65c3dbe361c2877fe57e33713f
Sha1:   3a290acfab90e0dbc07a8d5dbe8916b585160a49
Sha256: 7d97e5638c40c424853932be149ada6250b4f20f26e45b7439cd236672f4dc93
                                        
                                            GET /e-202248.js HTTP/1.1 
Host: stats.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.0.76.3
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Mon, 20 Nov 2023 01:50:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2690)
Size:   3459
Md5:    c449fe62a0fa87c4239fe86ffcef5620
Sha1:   dbd29ebd9d8c80442dc64360b65738975f745cfb
Sha256: ddacd7f6a64b7118c9f1f018001969441e78b4ea9ddcfb7759bf2dcd4658bb13
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Wed, 02 Nov 2022 07:54:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30324
Md5:    3a1740685bd5c0bbd5f2b812e1eb7fb4
Sha1:   488e07695da787fed18361c50292aef35abb5e81
Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
                                        
                                            GET /wp-content/themes/mh-magazine-lite/js/scripts.js?ver=30.0 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Wed, 16 Feb 2022 13:09:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9943
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7205)
Size:   9943
Md5:    48fe1f5cd6bc97d2e5bc7505a27eff78
Sha1:   8111fed42da087057f7c921456a77dcc6d03400c
Sha256: 7e273f68c3d9e1523bf647503371259b1b68aa903bac05730e5e851c5ec3ef86
                                        
                                            GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Tue, 24 May 2022 21:13:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1228
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2946)
Size:   1228
Md5:    7d8acf37582bf5212cbf4e31105de2ac
Sha1:   19581f31ceed66b11804eb6a2b3d00d43f73f071
Sha256: d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f
                                        
                                            GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664400136 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Wed, 28 Sep 2022 21:22:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2820
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2820
Md5:    14bb19f1cdc7df7b838cd16600cbacb7
Sha1:   8b61b1183f890f4888bea2e00c11536827fd8f48
Sha256: d831665de6965cd37fedc73a215332c90cbbe36d96f986fbc9fe6bb0553b26ca
                                        
                                            GET /wp-content/uploads/2022/03/Tom-MacDonald-%E2%80%94-In-God-We-Trust-ft.-Adam-Calhoun-Struggle-Jennings-Nova-Rockafeller.jpeg?v=1646740311 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Tue, 08 Mar 2022 11:51:51 GMT
accept-ranges: bytes
content-length: 43817
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 554x554, components 3\012- data
Size:   43817
Md5:    cd0b16c7798a102c76dc60fec7102fe7
Sha1:   5f5c0bf5aa2461e4aeaf0fda074c157d8ce7a2e0
Sha256: 5e29f4d36dcdad700ad8d5fd1a0b34f87cdbe8b665f2f07e4e21512fb95815a2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /g.gif?v=ext&blog=150468578&post=216206&tz=1&srv=citytrend.com.ng&j=1%3A11.5.1&host=citytrend.com.ng&ref=&fcp=0&rand=0.38915136619856916 HTTP/1.1 
Host: pixel.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         192.0.76.3
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 5\012- data
Size:   50
Md5:    e4d673a55c5656f19ef81563fb10884c
Sha1:   1f2d8ed221d39329251ad3a6ff1edb20b7219443
Sha256: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.36
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Mon, 28 Nov 2022 13:43:22 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 27 Nov 2022 21:00:08 GMT
Expires: Mon, 28 Nov 2022 21:00:08 GMT
ETag: "36d784bd0d30a270719e1d0f48a9ca217efe2dee"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    71b2b48ac390c194c6694c8160166647
Sha1:   36d784bd0d30a270719e1d0f48a9ca217efe2dee
Sha256: 78d761a62f43139d8fd40d48b011d80aa1339a86cf17a6bfaa2726d5030dbd8f
                                        
                                            GET /s/didactgothic/v19/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 00:21:41 GMT
expires: Sat, 25 Nov 2023 00:21:41 GMT
cache-control: public, max-age=31536000
age: 307301
last-modified: Thu, 21 Apr 2022 16:53:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16780, version 1.0\012- data
Size:   16780
Md5:    442e4ee909315121ec3abc8db2f5c2e5
Sha1:   c8ad6315296b32c25350e9c7c724d10a2a745cb6
Sha256: 9143c69a1b271019aa0c602b4addb1c0256e503785c1ddd6163c2cb176c50768
                                        
                                            GET /s/aladin/v18/ZgNSjPJFPrvJV5fF7i35.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 20:15:04 GMT
expires: Thu, 23 Nov 2023 20:15:04 GMT
cache-control: public, max-age=31536000
age: 408498
last-modified: Tue, 19 Apr 2022 18:31:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 14584, version 1.0\012- data
Size:   14584
Md5:    96a894e6f290362cc8891c884896a688
Sha1:   b5e4d8e7c2733df559af646ac7f2b22f3e045d1e
Sha256: a4481662c28a73d75fadc803f856c57b84b5f5d7c9e6e69d78e0298089230682
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Tue, 24 May 2022 21:13:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   4619
Md5:    0232689bd203f330529b36a437f41a68
Sha1:   9046583f7469ad38297969f10a9513eb895d5316
Sha256: feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
                                        
                                            GET /wp-content/uploads/2022/11/Mohbad-%E2%80%94-Weekend.jpeg HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Wed, 23 Nov 2022 19:41:50 GMT
accept-ranges: bytes
content-length: 101096
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1024x1024, components 3\012- data
Size:   101096
Md5:    b29ccef9a3a31fb3914b65a2d914533a
Sha1:   0f1b52d0f54df2ba57cea221b7a7b13815022c3e
Sha256: 8ce409b8e146c147b35b5555e5513731a0b26c8d085a06c19c2d502d21b6eabc
                                        
                                            GET /s/andika/v22/mem8Ya6iyW-Lwqg40ZMFVZ0b.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 21:49:49 GMT
expires: Wed, 22 Nov 2023 21:49:49 GMT
cache-control: public, max-age=31536000
age: 489213
last-modified: Tue, 24 May 2022 18:20:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 18784, version 1.0\012- data
Size:   18784
Md5:    5e643ce9feb3c7e6abe45c1e2cfe0346
Sha1:   1b71d8514200b3dfba4745d6d2717b108d3f67fa
Sha256: 9de3a56b75219c695ddf4d3b85ac20edc42db06e5fc52048dea09c43aa5898e1
                                        
                                            GET /s/federo/v19/iJWFBX-cbD_ETsbWilmf.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:51:26 GMT
expires: Tue, 21 Nov 2023 21:51:26 GMT
cache-control: public, max-age=31536000
age: 575516
last-modified: Thu, 21 Apr 2022 16:57:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 26604, version 1.0\012- data
Size:   26604
Md5:    ae16f7900227bfd140a2814679773e4d
Sha1:   799cdf1c4e05d88448dbb5d54f241fb646809d98
Sha256: 3b011df17e8d9676cbaae47f785b9060a97feb144818eb5770e1d8ae7455dafd
                                        
                                            GET /libs/e.js HTTP/1.1 
Host: cdn.ftd.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         37.48.117.210
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Mon, 28 Nov 2022 13:43:22 GMT
Last-Modified: Tue, 13 Sep 2022 09:47:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632051a8-aec"
Expires: Tue, 29 Nov 2022 13:43:22 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   1651
Md5:    02f679c9e331e69ac43f87af96915b9d
Sha1:   e589290852a088c34cbf7bb3104faa833244e1d4
Sha256: 7ea9bdfdd368aa5835ba2930414dc029b4d2ffbd46c362e33d2efaffbb8fad32
                                        
                                            GET /s/charissil/v1/oPWJ_kV3l-s-Q8govXvKlEbJdjlXQw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 11:08:49 GMT
expires: Thu, 23 Nov 2023 11:08:49 GMT
cache-control: public, max-age=31536000
age: 441273
last-modified: Thu, 26 May 2022 21:09:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21080, version 1.0\012- data
Size:   21080
Md5:    48342db9db569c134ad9833fdcd725ba
Sha1:   efccb4eb38df64794827e883061ae9065f1d55de
Sha256: 66f424798512ee4c642ebb6b85eb50777cf12523ebf9e596918b45803ca2facd
                                        
                                            GET /s/atkinsonhyperlegible/v10/9Bt73C1KxNDXMspQ1lPyU89-1h6ONRlW45G8Wbc9dCWP.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 12:42:58 GMT
expires: Thu, 23 Nov 2023 12:42:58 GMT
cache-control: public, max-age=31536000
age: 435624
last-modified: Tue, 30 Aug 2022 17:13:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16872, version 1.0\012- data
Size:   16872
Md5:    c32b0a3027e412b3c3fc50cef29d655f
Sha1:   ff704b6084924ec2e1ac9e5b151c42aae59a6f6f
Sha256: 32e7aec16901a1f1a5ad7bd17c599fe62ede04f4059358d9134f89522fbc0162
                                        
                                            GET /s/atkinsonhyperlegible/v10/9Bt23C1KxNDXMspQ1lPyU89-1h6ONRlW45G04pIo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16496
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 12:39:33 GMT
expires: Thu, 23 Nov 2023 12:39:33 GMT
cache-control: public, max-age=31536000
age: 435829
last-modified: Tue, 30 Aug 2022 17:13:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16496, version 1.0\012- data
Size:   16496
Md5:    d329c75ac853b7f32cafc5bca78e9d9e
Sha1:   d2a88418c5b207b5f0a5c3522c8cb7cf97bb9634
Sha256: d3351d61cc20cda98f78d87b7809925a951f4eabdfb13ef5ad8699a633114096
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 13:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /zone?pub=0&zone_id=2697734&is_mobile=false&domain=citytrend.com.ng&var=&ymid=&var_3= HTTP/1.1 
Host: pushazam.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citytrend.com.ng/
Origin: https://citytrend.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
content-length: 180
x-trace-id: 503accaf550d8b2742ae923b0429b2bb
access-control-allow-origin: https://citytrend.com.ng
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   180
Md5:    a05e130e2ed5a977231be4ec211bf860
Sha1:   e14ab29820075937870bbe4ff321cd6b836e8550
Sha256: 5b44a3a80a8754c7c8eb45d4b3a6d99d9b3e029c0804c68d900cf5ac44c7b7c0
                                        
                                            GET /wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://citytrend.com.ng/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: font/woff2
                                        
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 13:43:22 GMT
last-modified: Wed, 16 Feb 2022 13:09:19 GMT
accept-ranges: bytes
content-length: 77160
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            GET /wp-content/uploads/2022/10/Tom-MacDonald-%E2%80%94-Sheeple.jpg?v=1665761941 HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/download-tom-macdonald-renegade-album/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: application/octet-stream
                                        
last-modified: Fri, 14 Oct 2022 15:39:01 GMT
accept-ranges: bytes
content-length: 1014982
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
content-disposition: attachment
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1793x1793, components 3\012- data
Size:   1014982
Md5:    212de50af9438f7eeb54dd51613d53a4
Sha1:   eb96093881674df8c68c4b59dd544a6079cbbbcf
Sha256: 9b29e4f20c72cddb351664a60e8c5a5a954aa7001021fb06f09c7d9e779e6dc3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F328A1E23B71D7E0C30DAE3796D8025D0A266265DB28F2558C1CEB507549C75D"
Last-Modified: Sun, 27 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20043
Expires: Mon, 28 Nov 2022 19:17:25 GMT
Date: Mon, 28 Nov 2022 13:43:22 GMT
Connection: keep-alive

                                        
                                            GET /images/core/emoji/14.0.0/svg/1f4af.svg HTTP/1.1 
Host: s.w.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.0.77.48
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
content-length: 1808
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1808), with no line terminators
Size:   1808
Md5:    db009c8fa13d0f303df266e9d42c8e30
Sha1:   6d75617ac8ca67664480dc75d79cc0e20e37aca9
Sha256: a54c7a6df9d88bbd31edebbd5281e7152c6374fdabbf3f67185210cb3dd7eada
                                        
                                            GET /download-tom-macdonald-renegade-album/ HTTP/1.1 
Host: citytrend.com.ng
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         45.131.1.208
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.29
x-pingback: https://citytrend.com.ng/xmlrpc.php
link: <https://citytrend.com.ng/wp-json/>; rel="https://api.w.org/", <https://citytrend.com.ng/wp-json/wp/v2/posts/216206>; rel="alternate"; type="application/json", <https://citytrend.com.ng/?p=216206>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 13:43:22 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size:   17629
Md5:    e20502b10afbf11417516d4d4d08c5c8
Sha1:   7ae3aa23fb4c5a4f1c5e129af0d11dd37326f518
Sha256: 42a56c48b4a89bb825c6fd46a1c484e76ac50af793a75043c3ee2329e7189bea
                                        
                                            GET /images/core/emoji/14.0.0/svg/1f6a9.svg HTTP/1.1 
Host: s.w.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.0.77.48
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
content-length: 278
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size:   278
Md5:    f5f43be48e7804a8265947d8dd64e430
Sha1:   16f482eb2be5319e5c9d126b33984c44f15d08ed
Sha256: 567538da8bf3dc5808b82098de8c325527074b36a579ba03549537fd627f3d65
                                        
                                            GET /load?z=1878579115&div=zone_1878579115&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=1310&hc=16&n=1669643002188&url=citytrend.com.ng%2Fdownload-tom-macdonald-renegade-album%2F&vc=0&ti=Download%20Tom%20MacDonald%20%E2%80%94%20Renegade%20(Album)%20%C2%BB%20CitytrendTv%20v2.0&zyx=3710390753 HTTP/1.1 
Host: z.cdn.ftd.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         37.48.117.210
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Mon, 28 Nov 2022 13:43:22 GMT
Content-Length: 2266
Connection: keep-alive
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: -1
P3P: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: AU=66910b6b581db97b; Expires=Mon, 27 Nov 2034 22:00:35 GMT; Path=/; HttpOnly; Domain=.cdn.ftd.agency; SameSite=None; Secure


--- Additional Info ---
Magic:  ASCII text, with very long lines (524)
Size:   2266
Md5:    07f82fa9b4dedd92cc13e92810cca010
Sha1:   94f448087d0940138d0d5aa91d1abff651f4eb4a
Sha256: de100f3db1b89fae6113ce05eed2eee35d7eace5c6ddd50e069a5a3117a40070
                                        
                                            GET /event?z=1878579115&m=1395836530&n=4489030757228885600&t=&u=66910b6b581db97b HTTP/1.1 
Host: z.cdn.ftd.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         37.48.117.210
HTTP/1.1 400 Bad Request
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 28 Nov 2022 13:43:22 GMT
Content-Length: 35
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8DE651E82CB7DEBD428570833964B9F3AE5F4824C119D14CD05E2CA1B9A432EA"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19968
Expires: Mon, 28 Nov 2022 19:16:11 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

                                        
                                            GET /uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002 HTTP/1.1 
Host: f2.cdn.ftd.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Cookie: AU=66910b6b581db97b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         178.162.194.134
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Last-Modified: Tue, 08 Nov 2022 10:15:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636a2c4c-4a7"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   485
Md5:    f4db8d6b80685e10a5f8a7e7310fd1f6
Sha1:   28073e5415cd2763ebb540e8be24082301e44470
Sha256: d56eb566ae5fdfd78c473d2b03b494dec98e2414565fb283c017e85154a6e339
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5554DA64D03EC1BA9FA42BD6EEC7EEDF7E3537B89A81450D4E420483518700A1"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 28 Nov 2022 19:43:23 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

                                        
                                            GET /uploads/media/1/9/54891/v1/css/style.css HTTP/1.1 
Host: f2.cdn.ftd.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         178.162.194.134
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Last-Modified: Tue, 08 Nov 2022 10:15:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636a2c4c-307d"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   2467
Md5:    e4cde0ef75f8585c2e80aa2a92840cb4
Sha1:   52a38125e90ac3e5e9fc5e4abb76f3ad8b6eb785
Sha256: 8e67b2a5a27d2dc64d760e6263aa3b31c8df809a8e552703bd1ac80ccebad7b0
                                        
                                            GET /22eb00ba0187b9ce8be616b23e830d23/3511?version_name=c HTTP/1.1 
Host: 4e699dd731.b509ab5b0d.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.133.44.24
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 28 Nov 2022 13:43:23 GMT
content-length: 887
server: nginx/1.18.0
cache-control: max-age=300
expires: Mon, 28 Nov 2022 13:48:23 GMT
x-proxy-cache: MISS
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (887), with no line terminators
Size:   887
Md5:    e73ff6153f3669ab0ba8ac83fcb71bbc
Sha1:   efcf370baeb8fc1a01c9080c7fa332b47e4916ea
Sha256: 614700afaa9eb3d7e9d3184f13a09949d658e512427bab541b80a2b9418f2b29

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /watchnew?key=09cf4c3094c607f34f192871adcc4c44 HTTP/1.1 
Host: jbm6c54upkui.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 13:43:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16358553; expires=Tue, 29 Nov 2022 13:43:23 GMT; secure; SameSite=None ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODU1MywiayI6IjA5Y2Y0YzMwOTRjNjA3ZjM0ZjE5Mjg3MWFkY2M0YzQ0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjgwNjUyLCJwaWQiOjE3NTIwOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoidXc1Z2c3NHhkbiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9jaXR5dHJlbmQuY29tLm5nLyJ9fQ.8PkZjRZFdHGCXlgydiQRpk_ZRX__uMjMKMcSBHxnbUA; expires=Mon, 28 Nov 2022 13:44:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a21ead3f47c2811dbb351bb59fef4e4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   1113
Md5:    9bbee41d47176acb55faa47b5aba0008
Sha1:   1e73f2de6c423b255218de0b5839768ac166bb53
Sha256: 469663cb810c482b1dced0a569b6ed7540768b5ebf9440322609faedbc837864
                                        
                                            GET /libs/banner_html5.js HTTP/1.1 
Host: f2.cdn.ftd.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         178.162.194.134
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Last-Modified: Tue, 09 Apr 2019 12:08:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cac8b35-8b8"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   879
Md5:    cd7724156280fa8c0921a6f399c118ba
Sha1:   3c5bfee8d57e22fa1cbaa31541989471d5b1f396
Sha256: 970448c1dded7ff0748f1099362d3494222704805b575740eed3005d4b9bc61a
                                        
                                            GET /uploads/media/1/9/54891/v1/img/s1-girl.png HTTP/1.1 
Host: f2.cdn.ftd.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         178.162.194.134
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Length: 7138
Last-Modified: Tue, 08 Nov 2022 10:15:40 GMT
Connection: keep-alive
ETag: "636a2c4c-1be2"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 97 x 140, 8-bit colormap, non-interlaced\012- data
Size:   7138
Md5:    0c35ce4c32b2afcba58aded86f7ed1c0
Sha1:   8ddb5bfff26c8b0fd71f25f2d8064a0a1aa48a3f
Sha256: 0cfbc58aca75385b58e6c4ddbffb055186e1bc27ac9001468f06db87a41c52b9
                                        
                                            GET /uploads/media/1/9/54891/v1/img/s2-girl.png HTTP/1.1 
Host: f2.cdn.ftd.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         178.162.194.134
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Length: 7722
Last-Modified: Tue, 08 Nov 2022 10:15:40 GMT
Connection: keep-alive
ETag: "636a2c4c-1e2a"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 123 x 169, 8-bit colormap, non-interlaced\012- data
Size:   7722
Md5:    e3dc86f775301b21812d8da4ea8363f1
Sha1:   a928b25576903a7de8d61bedee0192054faa8689
Sha256: bf9f9a8d6a05245a867cd34f4ed99ef10bf8611f99173b1fb607077a76513765
                                        
                                            GET /uploads/media/1/9/54891/v1/img/logo.png HTTP/1.1 
Host: f2.cdn.ftd.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         178.162.194.134
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Length: 1972
Last-Modified: Tue, 08 Nov 2022 10:15:40 GMT
Connection: keep-alive
ETag: "636a2c4c-7b4"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 196 x 44, 8-bit colormap, non-interlaced\012- data
Size:   1972
Md5:    cd13f7c084327662a73584d4f14038cd
Sha1:   8475bcddc3fbed6453c94d8ce5005d045d788476
Sha256: 973e58224b0d759d0d0f4798a0cc8f3e00a1ad8c10f11dc53a85f65826a890d3
                                        
                                            GET /uploads/media/1/9/54891/v1/img/s1-logo.png HTTP/1.1 
Host: f2.cdn.ftd.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1878579115&m=1395836530&c=2122788710&p0=1476051999&u=66910b6b581db97b&t=1669643002
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         178.162.194.134
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Length: 3046
Last-Modified: Tue, 08 Nov 2022 10:15:40 GMT
Connection: keep-alive
ETag: "636a2c4c-be6"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 146 x 89, 8-bit colormap, non-interlaced\012- data
Size:   3046
Md5:    bf46d47951103eaf1b4380f19128887b
Sha1:   8c2d1bc13cfdfec6186c526c0c90a55a008c9fed
Sha256: c0de538c9731d118d4fba62969b692c97c21e8c7e058a0833104b41ef190ae21
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A5A56638F91D9149919A5E49BA8A7E93F81F05D93ED690A5D455B2DA661B537A"
Last-Modified: Sat, 26 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12475
Expires: Mon, 28 Nov 2022 17:11:18 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   1150
Md5:    7015755c643bbb81b3fda2fda417768e
Sha1:   d28faf909e6b913850e74b7a23c798f603e6dc1c
Sha256: 6d467bc579751cee112a20976cd295c2fb0bb39d0744a97ea25f623a12094b80
                                        
                                            GET /npc/sdk/wp-banners.js HTTP/1.1 
Host: js.wpadmngr.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         45.133.44.24
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 28 Nov 2022 13:43:23 GMT
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Mon, 28 Nov 2022 13:48:23 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

                                        
                                            GET /5f247bc4616b77a82439f0dac7d7af5d/invoke.js HTTP/1.1 
Host: jbm6c54upkui.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 13:43:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 43528888f719ac7b2f0f378d9865fe24
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (25102), with no line terminators
Size:   9283
Md5:    71252966e8bf792cd5021fb503ed895e
Sha1:   98a731ab705b1975dfd12f249984ae3340fe97e6
Sha256: 4cf4de1c78236d653cf79fb7eaa6b79d6e11cf8d0c749157f95e6f00ac2cc9b2
                                        
                                            OPTIONS /custom HTTP/1.1 
Host: pushazam.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://citytrend.com.ng/
Origin: https://citytrend.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:23 GMT
content-length: 0
access-control-allow-origin: https://citytrend.com.ng
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /event HTTP/1.1 
Host: pushazam.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://citytrend.com.ng/
Origin: https://citytrend.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:23 GMT
content-length: 0
access-control-allow-origin: https://citytrend.com.ng
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2.cdn.ftd.agency
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 22:17:43 GMT
expires: Wed, 22 Nov 2023 22:17:43 GMT
cache-control: public, max-age=31536000
age: 487540
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size:   15660
Md5:    d7b0b953a50fddaa88089b5b787cf719
Sha1:   2f85bc568b27659a3d6452f58f9fd7678450326d
Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
                                        
                                            POST /custom HTTP/1.1 
Host: pushazam.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citytrend.com.ng/
Content-Type: application/json
Origin: https://citytrend.com.ng
Content-Length: 354
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:23 GMT
content-length: 39
x-trace-id: 80e37344e6b5df071700ec6604abb4f4
access-control-allow-origin: https://citytrend.com.ng
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            GET /uploads/media/1/9/54891/v1/img/glare.png HTTP/1.1 
Host: f2.cdn.ftd.agency
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://f2.cdn.ftd.agency/uploads/media/1/9/54891/v1/css/style.css
Cookie: AU=66910b6b581db97b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         178.162.194.134
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Length: 0
Last-Modified: Thu, 24 Nov 2022 13:11:52 GMT
Connection: keep-alive
ETag: "637f6d98-0"
Expires: Tue, 29 Nov 2022 13:43:23 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Accept-Ranges: bytes

                                        
                                            POST /event HTTP/1.1 
Host: pushazam.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citytrend.com.ng/
Content-Type: application/json
Origin: https://citytrend.com.ng
Content-Length: 1375
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:23 GMT
content-length: 94
x-trace-id: 094e404edac35a4e0425a5859b0d6050
access-control-allow-origin: https://citytrend.com.ng
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   94
Md5:    c27da64944e8d7dfb8aa9ea5a3469d14
Sha1:   1556dc2d61cd4934b0de777124fab005155921a7
Sha256: 3d03bd56ad6a9297dd7191d5b67d35f6120f289b9d470e906634bd3386c67082
                                        
                                            GET /watchnew?shu=6be78702462c64a583f1b92d49b12cfdc0fe5e94e53722368989410c0e5d7a9ce97da6edf2da0f404a83aadca03b4ce459736124bb4b58915162e661c9e7286dff4026b157f3a72ffaef670b3eff335fc8025feb06d587afb5ad75f9a22d4295&pst=1669643063&rmtc=t&uuid=&pii=&in=false&key=09cf4c3094c607f34f192871adcc4c44&refer=https%3A%2F%2Fcitytrend.com.ng%2F HTTP/1.1 
Host: jbm6c54upkui.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jbm6c54upkui.com/watchnew?key=09cf4c3094c607f34f192871adcc4c44
Cookie: u_pl=16358553; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODU1MywiayI6IjA5Y2Y0YzMwOTRjNjA3ZjM0ZjE5Mjg3MWFkY2M0YzQ0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjgwNjUyLCJwaWQiOjE3NTIwOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoidXc1Z2c3NHhkbiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9jaXR5dHJlbmQuY29tLm5nLyJ9fQ.8PkZjRZFdHGCXlgydiQRpk_ZRX__uMjMKMcSBHxnbUA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Length: 783
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://citytrend.com.ng/
Access-Control-Allow-Origin: https://citytrend.com.ng/
Access-Control-Allow-Credentials: true
Set-Cookie: iprcb2124f92fe2ab065e1ad95371beca439=2717289; expires=Tue, 29 Nov 2022 15:43:23 GMT; secure; SameSite=None pdhtkv=true; expires=Tue, 29 Nov 2022 13:43:23 GMT; secure; SameSite=None uncs=1; expires=Tue, 29 Nov 2022 13:43:23 GMT; secure; SameSite=None pdhtkv32=true; expires=Tue, 29 Nov 2022 13:43:23 GMT; secure; SameSite=None uncs32=1; expires=Tue, 29 Nov 2022 13:43:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 893bec32b683cefa21e6b2aac22c194f
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (569)
Size:   783
Md5:    8af081c43b9ebcf9703a475fe083980a
Sha1:   ab62fa2e0d7a1ff2c6fa13f7e91672d648354fa2
Sha256: 9d4a638a2e29cc460f9234ae9aaa3ce75c2afa0be275d5c72e35f474ce1f2fbb
                                        
                                            GET /images/core/emoji/14.0.0/svg/1f447.svg HTTP/1.1 
Host: s.w.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.0.77.48
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (558), with no line terminators
Size:   803
Md5:    be7acd69eecd5e4cf23339ae823ab3b5
Sha1:   3ad22d92b60072f1b3d65dabda66ac29bb1e3f7a
Sha256: 52dccd280cd2503e62a7c9a7e560f49549e42d1ebb3c408367dd23ebe4f89542
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9B2CA2AB1E5658626ECB8D859F2EDE02DBDFDB2BC9F659150E8950B75D8D982"
Last-Modified: Sun, 27 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14608
Expires: Mon, 28 Nov 2022 17:46:51 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

                                        
                                            GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjQ4MDAwNTk3MTIzNTc0MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjM1MTEsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40MSwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRG93bmxvYWQlMkNUb20lMkNNYWNEb25hbGQlMkMlRTIlODAlOTQlMkNSZW5lZ2FkZSUyQyhBbGJ1bSklMkMlQzIlQkIlMkNDaXR5dHJlbmRUdiUyQ3YyLjAlMjAifQ== HTTP/1.1 
Host: c5400bbaf2.04cbf4193b.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         45.133.44.25
HTTP/2 200 OK
                                        
date: Mon, 28 Nov 2022 13:43:23 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2538
Expires: Mon, 28 Nov 2022 14:25:41 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2538
Expires: Mon, 28 Nov 2022 14:25:41 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2538
Expires: Mon, 28 Nov 2022 14:25:41 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 56527
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 57100
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10199
Md5:    2cd887044e91d7ed0f1a8d7119ff7dd0
Sha1:   ae8aa4ce6ddaccba771fe65446926b60fc5628da
Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpU6HS6f0BpRceJVfwhBhOgKMTMvdMZj4ST9DMATiqfA10pNplyPtQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 57139
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6263
Md5:    b24e349e9d22fb30fbc80497b512cead
Sha1:   c033d1ecdb9e7640f3df044e39053bed8292fcbc
Sha256: 2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9063
x-amzn-requestid: f00ac8bd-6466-4c92-9b99-0e71b4b2345c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Jr4ENtoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2318-0e3a57932987e29521388dd7;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:04:56 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ntfumip5IjOlyoe6ASlwJ1PjPLN1yZHkK_iiDDKfmMCyI__PrrGVMA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:55:54 GMT
age: 6449
etag: "71f737c3cee7766494157cd6491ce247a785c09e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9063
Md5:    e615cdc2e330b5cf76435abce9aa631a
Sha1:   71f737c3cee7766494157cd6491ce247a785c09e
Sha256: 853f68bf79a553b9fbf0e10391424faf0a3c071370d05d369563f7824d1bda84
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 19904
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8885
Md5:    3a1a4e00f1f15827cf651f373863c379
Sha1:   70c2a238f06ca7e56ef80c83738e081bf0de3330
Sha256: 3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 56517
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6376
Md5:    78b1389f425425d0450c94d900404dc4
Sha1:   53b12a8702f7c5b7cc697e2a24da824d9434be65
Sha256: 0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F7EF3722ECA4FAA85338C2C8ADD17C3C691DFAE73DCFE76E569FF1345A4E4583"
Last-Modified: Sun, 27 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4901
Expires: Mon, 28 Nov 2022 15:05:04 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FD7C1B8BA14558D084637C12F7588F3B464D4CCF74051C5EF3D74712CAF4F346"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10854
Expires: Mon, 28 Nov 2022 16:44:17 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

                                        
                                            OPTIONS /in/multy HTTP/1.1 
Host: 0df76f9508.04cbf4193b.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://citytrend.com.ng/
Origin: https://citytrend.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         168.119.25.22
HTTP/2 204 No Content
                                        
server: nginx/1.18.0
date: Mon, 28 Nov 2022 13:43:23 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /d025a52ef006cf2ebb8ceb0b2aeacbc0.js HTTP/1.1 
Host: 4e699dd731.b509ab5b0d.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         45.133.44.24
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 28 Nov 2022 13:43:23 GMT
server: nginx/1.18.0
last-modified: Tue, 22 Nov 2022 16:27:58 GMT
etag: W/"637cf88e-48777"
content-encoding: gzip
expires: Mon, 28 Nov 2022 13:48:23 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   72955
Md5:    c2b300e5f3345aa192e663c4f7265de1
Sha1:   c7c64fb0817e9cbf7f151094687b2fde7a548dc5
Sha256: 619fc2b4d96c1da2b3c04d5ebe03cfd7da53b264f5bf2d76298cc5cd872ff7dd

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8240F397607869E239C216CA93F78F84E25299C0AD4E7483B2BD53F7861142F0"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1
Expires: Mon, 28 Nov 2022 13:43:24 GMT
Date: Mon, 28 Nov 2022 13:43:23 GMT
Connection: keep-alive

                                        
                                            GET /pixel/nvrwe?error=timeout HTTP/1.1 
Host: sandwichesinstinctive.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.243.59.20
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 13:43:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /m3vcib848?key=e83c7700ffb295fb282c692b9f778d17&psid=16358553 HTTP/1.1 
Host: www.spikereekvelocity.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jbm6c54upkui.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 13:43:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122935; expires=Tue, 29 Nov 2022 13:43:24 GMT ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjkzNSwiayI6ImU4M2M3NzAwZmZiMjk1ZmIyODJjNjkyYjlmNzc4ZDE3Iiwic2lkIjoiMTYzNTg1NTMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJtM3ZjaWI4NDgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vamJtNmM1NHVwa3VpLmNvbS8ifX0.78BHB2L0n1z22SesFiJei1NFpVmDTtROhFiZ6FZb4AM; expires=Mon, 28 Nov 2022 13:44:24 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 82987197d7f3718d560def80a7569a60
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   1243
Md5:    6a4768a60f1b67c58315bf85a7232d5b
Sha1:   19e22b35fce260268a2bb88daaea7be19433a051
Sha256: 2c9763367414bffc07f99f56ad873da97de9507ea9e780358c06a7219b7291de

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 13:43:24 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 16:32:20 GMT
Expires: Sat, 03 Dec 2022 16:32:19 GMT
Etag: "622e4a511c836ac1d5f512554164a7abbf32208e"
Cache-Control: max-age=441534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77138840cbb21bfa-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 13:43:24 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 16:32:20 GMT
Expires: Sat, 03 Dec 2022 16:32:19 GMT
Etag: "622e4a511c836ac1d5f512554164a7abbf32208e"
Cache-Control: max-age=441534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771388412f78b4f4-OSL

                                        
                                            GET /m3vcib848?shu=4ff5ed78ef152f17e55274127efbc615614b506ad91c532e8b76a51c1526bdd3f13baeb0f5c279ba5ffb4afdb43cfecac286c330f9d78df12413ba64ec5c548f0650ba17762aae4abd37dd0d5f83f9d8b07c5f66&pst=1669643064&rmtc=t&uuid=&pii=&in=false&key=e83c7700ffb295fb282c692b9f778d17&refer=https%3A%2F%2Fjbm6c54upkui.com%2F&psid=16358553 HTTP/1.1 
Host: www.spikereekvelocity.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/m3vcib848?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122935
Cookie: u_pl=16122935; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjkzNSwiayI6ImU4M2M3NzAwZmZiMjk1ZmIyODJjNjkyYjlmNzc4ZDE3Iiwic2lkIjoiMTYzNTg1NTMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJtM3ZjaWI4NDgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vamJtNmM1NHVwa3VpLmNvbS8ifX0.78BHB2L0n1z22SesFiJei1NFpVmDTtROhFiZ6FZb4AM; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         192.243.61.225
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 13:43:24 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://gertrk.com/click.php?key=n9wbuyk5h0mq6m6x7xc5&SUB_ID_SHORT=18eee11e83a2ca0c70cff4591d117c3b&COST_CPC=0.002400&PLACEMENT_ID=16122935&CAMPAIGN_ID=691144&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2042909
Set-Cookie: iprcb8b7177771a70f2ea86eeedb1adeb4c9=3819930; expires=Tue, 29 Nov 2022 13:43:24 GMT pdhtkv=true; expires=Tue, 29 Nov 2022 13:43:24 GMT uncs=1; expires=Tue, 29 Nov 2022 13:43:24 GMT pdhtkv28=true; expires=Tue, 29 Nov 2022 13:43:24 GMT uncs28=1; expires=Tue, 29 Nov 2022 13:43:24 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 149a4afb366e2b772e2cef537c3ae310
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /click.php?key=n9wbuyk5h0mq6m6x7xc5&SUB_ID_SHORT=18eee11e83a2ca0c70cff4591d117c3b&COST_CPC=0.002400&PLACEMENT_ID=16122935&CAMPAIGN_ID=691144&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2042909 HTTP/1.1 
Host: gertrk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         168.119.139.96
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.18.0
date: Mon, 28 Nov 2022 13:43:24 GMT
location: https://euro-times.org/no/vg?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c
set-cookie: uclick=ydvca3sc; expires=Tue, 29-Nov-2022 13:43:24 GMT; Max-Age=86400; path=/; secure; SameSite=none uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c; expires=Tue, 29-Nov-2022 13:43:24 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   347
Md5:    a3253cd7b23d9850cd53e9e5937233d8
Sha1:   ac4d94b99a1b4f5a97cf933b64b467cac600ced9
Sha256: 295ef4c9f94336f9432e6481c9888e7292c3198385985ad9c200306bcfac8c74
                                        
                                            GET /no/vg/?lpkey=16b569c96498336904&uclick=ydvca3sc&uclickhash=ydvca3sc-ydvca3sc-tw8n-wffe-1mwj-8rg6-8rdu-07af6c HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 28 Nov 2022 13:43:24 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16051)
Size:   37197
Md5:    fd27b5bacbacc94bc34df9b436b8990e
Sha1:   3e178e5df3c837795baf54ef00000272dd505d08
Sha256: c4556dd6e3e679399ec828c51c52cd44304ba4e25746e68c9e048ea6df7a8e8e
                                        
                                            GET /no/vg/vendor.67e32aaf581c20179082.css HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 28 Nov 2022 13:43:24 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:28 GMT
Accept-Ranges: bytes
Content-Length: 59548
Cache-Control: max-age=2592000
Expires: Wed, 28 Dec 2022 13:43:24 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (59489)
Size:   59548
Md5:    1e0d1ba4e4338c872503027231d9dc3b
Sha1:   e34dec9da85672c3980361b52b74ea476328e661
Sha256: f9fe5280ae54a95dc50e6cacfd7ff7815ff23439761c00ff95719c84b261e769
                                        
                                            GET /no/vg/css.css HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://euro-times.org/no/vg/vendor.67e32aaf581c20179082.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:16 GMT
Accept-Ranges: bytes
Content-Length: 6904
Cache-Control: max-age=2592000
Expires: Wed, 28 Dec 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   6904
Md5:    d466b4fce52545fc65db3dea539f295e
Sha1:   122c952287f265a041f49984e76d4c4b91d8793e
Sha256: 1bb33da015e40392c387bdb088b426bd437fa0d25195c56d73e722f1a4a45c92
                                        
                                            GET /no/vg/landing.js HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:24 GMT
Accept-Ranges: bytes
Content-Length: 2695
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2695
Md5:    6f097f34f0d7d31372d8d10efb8b5bc5
Sha1:   abfdda42379821c0d427f7bafa00fa10aca78130
Sha256: 45a2c3718857a6d88bbea4677e8b3d15a36f09c2f9cffa89b38cc8cfd76178e8
                                        
                                            GET /no/vg/app.67e32aaf581c20179082.css HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:18 GMT
Accept-Ranges: bytes
Content-Length: 131940
Cache-Control: max-age=2592000
Expires: Wed, 28 Dec 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   131940
Md5:    89fa8a5de4a0df4f1ebbb6916391fc3d
Sha1:   2e3ea867be2bc412e7bbfd132845ebf061cedc4b
Sha256: 3b65b1c726a2308821d8b57be5c421fe119cf8bedfc7d510373bdf136b25e169
                                        
                                            GET /no/vg/4.jpg HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:20 GMT
Accept-Ranges: bytes
Content-Length: 2894
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 100x75, components 3\012- data
Size:   2894
Md5:    3e9ed2110941d9ef87cb94e45a33e7d9
Sha1:   62bbff3e512d8efe6a68da04ee2d45c4dc3abcbc
Sha256: 2815085a27a60c37d33139ea602e2a605a7a8f40ff72d0b00ba361eaed358f84
                                        
                                            GET /no/vg/b.jpg HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 30 Sep 2018 17:08:58 GMT
Accept-Ranges: bytes
Content-Length: 97034
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 993x614, components 3\012- data
Size:   97034
Md5:    f2d69a62db1116858a861ae6d2986083
Sha1:   8ba42fbda070dcbda267db7a5e9022a50120e29f
Sha256: 6107b8c6ed4f52a29b516deac8efe4b80a8c23f7685ab039f4b91eeb4dc0fc09
                                        
                                            GET /no/vg/3.jpg HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:16 GMT
Accept-Ranges: bytes
Content-Length: 2974
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 100x75, components 3\012- data
Size:   2974
Md5:    63295a967f84119e4ed60176db557802
Sha1:   0f7cf3da84692b77156e61009670e2a4ad8f24e0
Sha256: fd6bc83266fa8a104e1b767da0f1624edf26c38be0755834adfb2205be09c076
                                        
                                            GET /no/vg/2.jpg HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:28 GMT
Accept-Ranges: bytes
Content-Length: 2341
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 100x75, components 3\012- data
Size:   2341
Md5:    87c8eb24f85fa30bb0a90563a69cdea4
Sha1:   df45836de015b1638505ecb4c947995d0896057c
Sha256: 02a85ec09ad22e617c08be3386fafcbd688ac8cbedffcc90f4a9a47b9b0ac6e8
                                        
                                            GET /no/vg/mapbox-gl.css HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://euro-times.org/no/vg/app.67e32aaf581c20179082.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:26 GMT
Accept-Ranges: bytes
Content-Length: 39768
Cache-Control: max-age=2592000
Expires: Wed, 28 Dec 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (13302)
Size:   39768
Md5:    5805495ed9ceac85c259bc9031d77b15
Sha1:   ca5140c4b10c476efc309166aaa3dfdc841748e8
Sha256: 70659bc9428ad79353ad8ce663c4b3b145af109a5b3e31c062f7c758706d04f7
                                        
                                            GET /no/vg/css.1.css HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://euro-times.org/no/vg/app.67e32aaf581c20179082.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:24 GMT
Accept-Ranges: bytes
Content-Length: 5446
Cache-Control: max-age=2592000
Expires: Wed, 28 Dec 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   5446
Md5:    8054a406a0f2d3aa2ec8e4c4b8e9c418
Sha1:   b399ed5e75a1d87921055caa08d4edff4b9431d8
Sha256: 17bd4bcb69e324586fcc2400c75915b7dfdc25a4ecb96fedd885dbb2fbcbf793
                                        
                                            GET /no/vg/c.jpg HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Mon, 28 Nov 2022 06:57:26 GMT
Accept-Ranges: bytes
Content-Length: 45155
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x534, components 3\012- data
Size:   45155
Md5:    d2cef70e5a0d7da1d6397af10a73d730
Sha1:   99b428cb59c651c66862cc4c4e8075366fb030fc
Sha256: 16f7054030df372428fbc9178aaf5936d3759d56ea717ee0e3af20eb7f6d2e44
                                        
                                            GET /no/vg/1.jpg HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:24 GMT
Accept-Ranges: bytes
Content-Length: 2352
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 100x75, components 3\012- data
Size:   2352
Md5:    1dbbfde744cb9af22e0fc12f86792f1d
Sha1:   9fde5f98c88e2c5e03b44652bd2894d275f0263d
Sha256: 2041bc9199b8f2181e52e8554ca8d9126913d7913a7428d5e5ccae8e7c7392a7
                                        
                                            GET /no/vg/a.jpg HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:26 GMT
Accept-Ranges: bytes
Content-Length: 25674
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x334, components 3\012- data
Size:   25674
Md5:    94c3ec372b05fc9bade546f4d23ff3db
Sha1:   c4767884c046decc290fb6e0e7c2ec05ebd22034
Sha256: bf0da41d83412ede1e2bfea83e775a291839b06a1bb9b4c41f75045a6d7038ba
                                        
                                            GET /no/vg/3b9f95a06cd9fc9306ed4b0ec723efcf.woff2 HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://euro-times.org/no/vg/vendor.67e32aaf581c20179082.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:26 GMT
Accept-Ranges: bytes
Content-Length: 26808
Cache-Control: max-age=172800
Expires: Wed, 30 Nov 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 26808, version 1.1311\012- data
Size:   26808
Md5:    3b9f95a06cd9fc9306ed4b0ec723efcf
Sha1:   cb944d4c9f62c13e6ccf0003542c164fb800b5ad
Sha256: 350217883795851e952edd10f09e244e2e385532b55fc26a55ef423bad2d7502
                                        
                                            GET /no/vg/addesk.php HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    6b552c49e4947f4e0ca8830489ab4755
Sha1:   24c37b7fed326d6bed050ba6d605a195e3e80635
Sha256: ff11de8dd53431deb0047e022373452b60b0b432a9be16ee04121a7ced084337
                                        
                                            GET /no/vg/4dce9ca26ac8769a82cb76b8a72b2a93.woff2 HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://euro-times.org/no/vg/vendor.67e32aaf581c20179082.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:22 GMT
Accept-Ranges: bytes
Content-Length: 23272
Cache-Control: max-age=172800
Expires: Wed, 30 Nov 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23272, version 1.1311\012- data
Size:   23272
Md5:    4dce9ca26ac8769a82cb76b8a72b2a93
Sha1:   789f126c024d4977beb17d279f855c7d49f90461
Sha256: 2a1102749787811a8a8867540a17a0b3e05061683622c2c3ae78d3d382772e18
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /no/vg/7c88e5323e2bf5d49fd0c8d87c030ccd.woff2 HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://euro-times.org/no/vg/vendor.67e32aaf581c20179082.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:22 GMT
Accept-Ranges: bytes
Content-Length: 21260
Cache-Control: max-age=172800
Expires: Wed, 30 Nov 2022 13:43:25 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21260, version 1.1311\012- data
Size:   21260
Md5:    7c88e5323e2bf5d49fd0c8d87c030ccd
Sha1:   713d1194a0c98639323d8c06a548df511cfedde9
Sha256: c24cea5caf526a74d30801adc8b85a1b4f42f83a20318a212d358890d5a3148d
                                        
                                            GET /s/notosans/v7/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://euro-times.org
Connection: keep-alive
Referer: https://euro-times.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9944
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 02:07:55 GMT
expires: Fri, 24 Nov 2023 02:07:55 GMT
cache-control: public, max-age=31536000
age: 387330
last-modified: Wed, 11 Oct 2017 18:25:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9944, version 1.0\012- data
Size:   9944
Md5:    85486c163ae98867f1372ca48442a118
Sha1:   1ac9e1c0bda612393d7f16958266a52e4ada8efa
Sha256: ede8a63ae7f13de45eeb9c9156f791c7ee1d588f931cc54f4d8754154cbd3a52
                                        
                                            GET /s/notosans/v7/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://euro-times.org
Connection: keep-alive
Referer: https://euro-times.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9716
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 18:28:26 GMT
expires: Mon, 27 Nov 2023 18:28:26 GMT
cache-control: public, max-age=31536000
age: 69299
last-modified: Wed, 11 Oct 2017 18:25:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9716, version 1.0\012- data
Size:   9716
Md5:    0c72437d3bc183ca78f71836a310a706
Sha1:   df5694192d18b520888505aef04dcf8acaed6a0f
Sha256: 693448f744bc3f7709d647cf0e9efa64ce50c54e98b816ecfb530a5590114efe
                                        
                                            GET /no/vg/favicon.ico HTTP/1.1 
Host: euro-times.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         94.242.54.185
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Mon, 28 Nov 2022 13:43:25 GMT
Server: Apache
Last-Modified: Sun, 01 Jul 2018 08:35:30 GMT
Accept-Ranges: bytes
Content-Length: 318
Cache-Control: max-age=31536000
Expires: Tue, 28 Nov 2023 13:43:25 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Size:   318
Md5:    a5ab8ad2fd256f4ab4d9395a785463f5
Sha1:   f42e0bf9b2b057991b1732dca73f9042bfafa291
Sha256: a6b8db404acfc856ae0ce12515d8b41e3d9adf84b3d37a183787dab935d84f6f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U_gitOWWMPO7M5Dd0WktaigfRERa93d86MhziLjZ2qnuON_K5NauyQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:54:37 GMT
age: 56933
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10119
Md5:    15bd53848c7082464273007e010c54e0
Sha1:   9a3ca698ca1aeae695923277ed2244465e01a1ea
Sha256: 36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005
                                        
                                            GET /ntfc.php?p=2697734 HTTP/1.1 
Host: pushazam.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-38a8"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Didact+Gothic&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 13:43:22 GMT
date: Mon, 28 Nov 2022 13:43:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Open+Sans:400,400italic,700,600 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 13:43:22 GMT
date: Mon, 28 Nov 2022 13:43:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.405 HTTP/1.1 
Host: pushazam.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://citytrend.com.ng/
Origin: https://citytrend.com.ng
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 28 Nov 2022 13:43:22 GMT
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-180b9"
access-control-allow-origin: https://citytrend.com.ng
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Atkinson+Hyperlegible%3A400%2C400i%2C700%2C700i%2C400ii%2C700ii%7CAladin%3A400%2C400i%7CFedero%3A400%2C400i%7CAndika%3A400%2C400i%2C700%2C700i%2C400ii%2C700ii%7CCharis+SIL%3A400%2C400i%2C700%2C700i%2C400ii%2C700ii&display=swap&subset=all&ver=3.2.5 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 13:43:22 GMT
date: Mon, 28 Nov 2022 13:43:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /f210f7ba21a960e73ad5cec27304caa6.js HTTP/1.1 
Host: 4e699dd731.b509ab5b0d.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citytrend.com.ng
Connection: keep-alive
Referer: https://citytrend.com.ng/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         45.133.44.24
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 28 Nov 2022 13:43:22 GMT
server: nginx/1.18.0
last-modified: Tue, 15 Nov 2022 13:38:16 GMT
etag: W/"63739648-17810"
content-encoding: gzip
expires: Mon, 28 Nov 2022 13:48:22 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed