citytox.com/wp-content/plugins/yuidghh/secure/login.php
87.116.13.124301 Moved Permanently 20 B URL HTTP/1.1 citytox.com/wp-content/plugins/yuidghh/secure/login.php
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yuidghh/secure/login.php HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-redirect-by: WordPress
location: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
vary: Accept-Encoding,Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=0
expires: Sun, 25 Sep 2022 04:02:33 GMT
content-length: 20
content-encoding: gzip
date: Sun, 25 Sep 2022 04:02:33 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 03:14:46 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rbLUoTmS433gaa-og2j_iBU8VyzzjhTDR99Z4q-9JETpJRxGlE9WMg==
Age: 2868
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Sun, 25 Sep 2022 05:03:43 GMT
Date: Sun, 25 Sep 2022 04:02:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5h9D2YzSfCH-bNAI53Nly-ZNA8ul1u0tmmux11elwn2Inx9CO-jNZQ==
age: 84440
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 04:02:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
citytox.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.1
87.116.13.124200 OK 7.2 kB URL HTTP/2 citytox.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (28088)
Hash f40cd4c39a41bb5ed3f140460c0fca05
ac1f534660e4a9f2987fc4243228638a83103d09
dec922a38fe1283ae5a87443786a840056ddce6ad773f4f48914f655f228232d
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 7162
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/modules/slick/slick.css?ver=5.4.1
87.116.13.124200 OK 473 B URL HTTP/2 citytox.com/wp-content/themes/number-two/modules/slick/slick.css?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
Hash 17265c4988f4c1c4a9873fd06cf8687c
8eae27c19a7d9a1a763420e2312106d687f4a97c
e4fc89bbfbf516423de7ffa2cfb1127dd0ebea632596423ad43cff5873267545
GET /wp-content/themes/number-two/modules/slick/slick.css?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 473
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/modules/slick/slick-theme.css?ver=5.4.1
87.116.13.124200 OK 1.3 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/modules/slick/slick-theme.css?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
Hash edc786096334aa55f71e62d2a94a1f61
4f1d4bca3e858a1f233691a9137cd79d1225b674
ac57a85520435fdd1fba51783086a9c922ad071af1042a3b7442e8bf93698d82
GET /wp-content/themes/number-two/modules/slick/slick-theme.css?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1266
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/css/font-awesome.min.css?ver=5.4.1
87.116.13.124200 OK 12 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/css/font-awesome.min.css?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (58929)
Hash 93cb03ebebf850310f531ab88bc78604
be3071eccd456f3f68bd4b19ba903e4fef4e4a68
beb2a0b0981ec0f75a1afaf3c36793454bbb5507f8b5d83a497b70f9faf89242
GET /wp-content/themes/number-two/css/font-awesome.min.css?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 12248
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.101200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.101:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 24 Sep 2022 21:03:08 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k0TcVB0q6-O3z0OxUZ86SZWl-MMxtKxi7OweOC7tAJmi_kOCDQ9K3g==
age: 25167
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/css/photoswipe-default-skin/default-skin.css?ver=5.4.1
87.116.13.124200 OK 2.8 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/css/photoswipe-default-skin/default-skin.css?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
Hash 6d01137ae002ae222ab4af17ee3d1e4a
7b7c3aadcb6a16ac1e3edd58d03cda9c201e8af4
012e4c46a2f8e21afd4f5b6746146a6c00e981bd5d18e7c5a8a283bef5404def
GET /wp-content/themes/number-two/css/photoswipe-default-skin/default-skin.css?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2758
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/css/photoswipe.css?ver=5.4.1
87.116.13.124200 OK 1.1 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/css/photoswipe.css?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
Hash f9bdf2a3bd64c744c9fa8d38417db74f
31da39afe49c3a6846eba7dd930683ae9c861be3
16d50541b4ccb1201f50302e00fc3d65d3d05b751ba6a1e9ee15dfa2af79c90d
GET /wp-content/themes/number-two/css/photoswipe.css?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1144
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/css/responsive.css?ver=37387df3b0cec6e0c048b300780b6a91
87.116.13.124200 OK 4.2 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/css/responsive.css?ver=37387df3b0cec6e0c048b300780b6a91
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash b6ca03fcbd7323962f9e73fe9472f411
6c5b6d080b32c6fbf9cf9497657ddde6414465af
9926abc2352b40432bdebec6e2d5a77905bdadd3cdc04e0fadb80978948422de
GET /wp-content/themes/number-two/css/responsive.css?ver=37387df3b0cec6e0c048b300780b6a91 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 10:41:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 4230
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-includes/css/dashicons.min.css?ver=5.4.1
87.116.13.124200 OK 28 kB URL HTTP/2 citytox.com/wp-includes/css/dashicons.min.css?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (47523)
Hash a2f8a7f322419704fd40a1cf087b14e8
14144d89bfa8127879e7478bde4a884e74038f03
7760eb2bda6c1517773fbeb0d0c9880b68bc049bfb513de6b60d4d4607d587cd
GET /wp-includes/css/dashicons.min.css?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 28351
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/css/style.css?ver=ee5189a70f47b058fb0bff0bfe9096d8
87.116.13.124200 OK 20 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/css/style.css?ver=ee5189a70f47b058fb0bff0bfe9096d8
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
Hash 0dd698e90acf03f64ff6c06d5c1db36c
d04f904c811b1a38c31a3237126e2f9255749b93
990a88e2e50d7bdb039cbe865d78cf9158894e13c9f4b1a6603f0e8e724629f4
GET /wp-content/themes/number-two/css/style.css?ver=ee5189a70f47b058fb0bff0bfe9096d8 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 11:21:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 19561
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/plugins/gravityforms/css/browsers.min.css?ver=2.4.18
87.116.13.124200 OK 1.1 kB URL HTTP/2 citytox.com/wp-content/plugins/gravityforms/css/browsers.min.css?ver=2.4.18
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (7545), with no line terminators
Hash 799fbfd03257b0e9bb5ce4dd375e31d3
fd10777a2bf527abd69d17dad43b7f183a0606cc
df95b33f723d2620860d6c1e8c85a21eecbc9948a532150034f122d0e265ba4c
GET /wp-content/plugins/gravityforms/css/browsers.min.css?ver=2.4.18 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1107
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/js/photoswipe/photoswipe.min.js?ver=5.4.1
87.116.13.124200 OK 12 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/js/photoswipe/photoswipe.min.js?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (31802)
Hash 3ba1ff7902899454c86b05d7e6a8dec7
55296c17316cac465b471e36848bdbe9f4e1fbc4
a80f815910a57c75d4cd95eeefc6f7c6692fa443bddc8c95258961646e0d942e
GET /wp-content/themes/number-two/js/photoswipe/photoswipe.min.js?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 11849
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/plugins/gravityforms/css/readyclass.min.css?ver=2.4.18
87.116.13.124200 OK 3.1 kB URL HTTP/2 citytox.com/wp-content/plugins/gravityforms/css/readyclass.min.css?ver=2.4.18
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (30439), with no line terminators
Hash 669f4aa9fcdc8009af633c9b1c7e500a
40ba4696154ac0dfe2b17210f633fb7cd7878669
82337d71c49c129aaab72417f89d6b18c69b61087ccbeaf1b3fccb45e530a51d
GET /wp-content/plugins/gravityforms/css/readyclass.min.css?ver=2.4.18 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3136
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/modules/slick/slick.min.js?ver=5.4.1
87.116.13.124200 OK 10 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/modules/slick/slick.min.js?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (32076)
Hash d9aaf9095a4edcbac13ed9849974fe8c
d81411b52c9633dc15947b7f5969fb8fb52a90c1
61e3382ddc55c4778972c1a37ae40fe4b9a45e314b3ab61a2d6f382763db2298
GET /wp-content/themes/number-two/modules/slick/slick.min.js?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 10103
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/plugins/gravityforms/css/formreset.min.css?ver=2.4.18
87.116.13.124200 OK 339 B URL HTTP/2 citytox.com/wp-content/plugins/gravityforms/css/formreset.min.css?ver=2.4.18
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (3860), with no line terminators
Hash acd182bb117119137a1d5c0db883e135
b9eb3379372d02ced85a7f22a5ecc4e071146a8e
8bb53cc01e1e143c36d62448c9456519b26b7d22d1141bfe5cef16c137f403fd
GET /wp-content/plugins/gravityforms/css/formreset.min.css?ver=2.4.18 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 339
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
citytox.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
87.116.13.124200 OK 3.8 kB URL HTTP/2 citytox.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (9959)
Hash 7c4522c04f6ad8cc5ba9d83d27a652c9
9b3058c58d6f0f3bcf204d57d5e38fc3ef507b8f
186df88869ab6951e2647db3b07fc025857cdab144cd7367513944d1d2f0f26c
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3823
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/plugins/stom-gdpr/stom-gdpr.css?ver=5.4.1
87.116.13.124200 OK 278 B URL HTTP/2 citytox.com/wp-content/plugins/stom-gdpr/stom-gdpr.css?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with CRLF line terminators
Hash e6262bf14425d5c65004625fa6aecaf5
b2f1d39f114751ad6dd0e309fe80c671837c9317
6199c1592fc38698f7bed301ac5a33bc5294e78a7a5631db29797b0e4305048e
GET /wp-content/plugins/stom-gdpr/stom-gdpr.css?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 278
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/js/number-two.js?ver=3c8209d1161199d2ec6af2e02efccb02
87.116.13.124200 OK 6.0 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/js/number-two.js?ver=3c8209d1161199d2ec6af2e02efccb02
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash c2708ab2c7f7c231f519e720729b7332
165a708690531659d5eaf30d6853f0ef36cbf236
0515d0bf5fc89f502ab24232d3bc2402d1190f9a5ec2f5f9d3bcd28eac5e65a7
GET /wp-content/themes/number-two/js/number-two.js?ver=3c8209d1161199d2ec6af2e02efccb02 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Wed, 21 Apr 2021 07:49:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 6009
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/js/skip-link-focus-fix.js?ver=aaf376b96abfbd1fc7a29375ea135c94
87.116.13.124200 OK 242 B URL HTTP/2 citytox.com/wp-content/themes/number-two/js/skip-link-focus-fix.js?ver=aaf376b96abfbd1fc7a29375ea135c94
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (580), with no line terminators
Hash 4127f8ff449fd8dffdab0b561d29c15f
f68c158dae4edfa0a54ad5b6ed1784cce42fc184
008f0da3c003b26b18ef335d6e422f72a6d0a5f236a49c0b95aeec6b183eab27
GET /wp-content/themes/number-two/js/skip-link-focus-fix.js?ver=aaf376b96abfbd1fc7a29375ea135c94 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 242
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/js/photoswipe/photoswipe-ui-default.min.js?ver=5.4.1
87.116.13.124200 OK 3.6 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/js/photoswipe/photoswipe-ui-default.min.js?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type HTML document, ASCII text, with very long lines (9767)
Hash 103f0e2ae813c6087c193529e5ed29a4
58a3fcc1016c76f7047cd39226fcaddc6c82abc5
a7b982dc4f204045bd3a6431ab400c40d27c26a990a7d6b3046e1d2f01ae9f89
GET /wp-content/themes/number-two/js/photoswipe/photoswipe-ui-default.min.js?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3555
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/js/navigation.js?ver=55eef512d584fe6d2abd504b55097419
87.116.13.124200 OK 1.6 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/js/navigation.js?ver=55eef512d584fe6d2abd504b55097419
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with CRLF line terminators
Hash b88b359d9f60c247a3ac90095697f05e
b46250f283e5ed891a1739cb36001e1c129674e3
8ce9260807803bee1c59fca577703263ebd8e79546fd7317f00822f6dadc6c7d
GET /wp-content/themes/number-two/js/navigation.js?ver=55eef512d584fe6d2abd504b55097419 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1644
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.4.18
87.116.13.124200 OK 874 B URL HTTP/2 citytox.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.4.18
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (1848), with no line terminators
Hash 569cec542e91a53db3c674b77edfd95e
a9e5514619e799b56c1fdb2103895ac91325d574
0bcb1d07d201328f3f747a59a5f8fa977d02a44122b78c4961141abfae4bba57
GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.4.18 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 874
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/plugins/gravityforms/css/formsmain.min.css?ver=2.4.18
87.116.13.124200 OK 11 kB URL HTTP/2 citytox.com/wp-content/plugins/gravityforms/css/formsmain.min.css?ver=2.4.18
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (65536), with no line terminators
Hash 077877cf17039a34298025d1b7d3feab
d63f0251517c641d158fe5d53afaedb9c6c5e4f2
29b3940391cbb9503838a5a82c3460ec32b34010b5a7e212d8eb9f19ad8927d7
GET /wp-content/plugins/gravityforms/css/formsmain.min.css?ver=2.4.18 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 11107
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-includes/js/wp-embed.min.js?ver=5.4.1
87.116.13.124200 OK 668 B URL HTTP/2 citytox.com/wp-includes/js/wp-embed.min.js?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (1399)
Hash 79acb960d2840c1804fb08a4acec7375
b1dd9a0a51809a1894bc9cf843b20bb3481438c7
addcb763d383b8de327e8e4ecdff8671f38c78910efaeec3a3e098cdbab183e7
GET /wp-includes/js/wp-embed.min.js?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 668
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/plugins/stom-gdpr/stom-gdpr.js?ver=5.4.1
87.116.13.124200 OK 1.2 kB URL HTTP/2 citytox.com/wp-content/plugins/stom-gdpr/stom-gdpr.js?ver=5.4.1
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (431), with CRLF line terminators
Hash 13affe983234acfa9dd063a1450aa0e3
014c02870debccb3f78908cbcdcf5aa7dd684496
1da4d3d362da8c62283672cf51ae593c518872182e6f2b3f3f2245c02d156c44
GET /wp-content/plugins/stom-gdpr/stom-gdpr.js?ver=5.4.1 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1171
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/uploads/2021/03/logo-hvid-300x61.png
87.116.13.124200 OK 6.7 kB URL HTTP/2 citytox.com/wp-content/uploads/2021/03/logo-hvid-300x61.png
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type PNG image data, 300 x 61, 8-bit colormap, non-interlaced\012- data
Hash 92cbe058532a2c99c96620c3b3d6eba7
63d05dd5a21c7a98ceba7947d0dcf24d5ee76b14
bc3a5d681a341b04844da95fa36c820b17ec25bc20f3fbb0bf5aa629240600cb
GET /wp-content/uploads/2021/03/logo-hvid-300x61.png HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Mon, 23 Jan 2023 04:02:34 GMT
content-type: image/png
last-modified: Thu, 03 Feb 2022 13:16:02 GMT
accept-ranges: bytes
content-length: 6746
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/uploads/2021/03/di-logo.png
87.116.13.124200 OK 4.7 kB URL HTTP/2 citytox.com/wp-content/uploads/2021/03/di-logo.png
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type PNG image data, 193 x 92, 8-bit colormap, non-interlaced\012- data
Hash 53cf90105afd441bc83e0463f7bb469e
202e6dcdd57c677a2855cf8415320f99778a552a
ae0f321692258e13ff0ccfddc51e91fe58baff35aebde93707276bf73e557ba0
GET /wp-content/uploads/2021/03/di-logo.png HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Mon, 23 Jan 2023 04:02:34 GMT
content-type: image/png
last-modified: Thu, 03 Feb 2022 13:15:56 GMT
accept-ranges: bytes
content-length: 4689
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.4.18
87.116.13.124200 OK 1.6 kB URL HTTP/2 citytox.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.4.18
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (4610)
Hash 2b96c3043a08342b977de709acd53932
27ceb58a8544635b4c7d7c4de024e4e98ae2f13a
b30aecb4a62460655692318b3d34698246a7be43ebe5708dd7c76d7b321713a1
GET /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.4.18 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1604
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.18
87.116.13.124200 OK 10 kB URL HTTP/2 citytox.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.18
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (35070), with no line terminators
Hash 24ca6786b5ef79d4b11a40d428ecce5c
26943e1a8a6bcb175fbf731e80353c7a11e6be98
622953f8aa6d80d8d2210a48d64c0544e1f09718e9e267c2cc7deb7ad5775361
GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.18 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 10081
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
87.116.13.124200 OK 33 kB URL HTTP/2 citytox.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type ASCII text, with very long lines (31997)
Hash a95303ca3b1a9372809d72ffa31bca40
65130bca144d3b49d5f97387173c423b9b4abfe3
c5d914b6693616fcf2c61bc363660dcc5f6ea7de5a25b1d6a5a2a95f39846565
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Mon, 25 Sep 2023 04:02:34 GMT
content-type: application/javascript
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 32853
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
citytox.com/wp-content/uploads/2021/03/logo-hvid.png
87.116.13.124200 OK 24 kB URL HTTP/2 citytox.com/wp-content/uploads/2021/03/logo-hvid.png
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type PNG image data, 918 x 187, 8-bit colormap, non-interlaced\012- data
Hash 72b4aeff435e2a08d8f93fb820cd1868
7757031c36e2eab04e4772b20ca5aa37a0ee8a26
a28fa3ae48e588411db92fad5c7466b2c6630a17ede948033cd4d0ca275f993a
GET /wp-content/uploads/2021/03/logo-hvid.png HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Mon, 23 Jan 2023 04:02:34 GMT
content-type: image/png
last-modified: Thu, 03 Feb 2022 13:16:02 GMT
accept-ranges: bytes
content-length: 24540
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 03:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 04:03:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NQXMEBJy_dxDcez7NIrYgR7DaR0UhbmbyxUtMdAosQ5BjWcPDeLP1g==
Age: 3496
www.googletagmanager.com/gtm.js?id=GTM-KS8M3T7
142.250.74.72200 OK 48 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KS8M3T7
IP 142.250.74.72:0
File type ASCII text, with very long lines (3371)
Hash b605ef5b977f9e7d4ee5915eddd259b7
b0346898556c747e42fe170a15d1578b81a945de
10b86338b022da773d9cac4c120ec15410d8e02b5bc8bd28cff261bbca5c86b8
GET /gtm.js?id=GTM-KS8M3T7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 04:02:34 GMT
expires: Sun, 25 Sep 2022 04:02:34 GMT
cache-control: private, max-age=900
last-modified: Sun, 25 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47575
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
citytox.com/wp-content/uploads/2021/03/citytox6-1.jpg
87.116.13.124200 OK 46 kB URL HTTP/2 citytox.com/wp-content/uploads/2021/03/citytox6-1.jpg
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x800, components 3\012- data
Hash a20ff83f07bc53faaa3cb24f15b165ab
945a49e3bbdcb73bbee170f0967da2fbdfdb79aa
2b9c1c479764a7ed7796b0c5d13bf6080bd9e445214a0ddb14f3c2857d75d981
GET /wp-content/uploads/2021/03/citytox6-1.jpg HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Mon, 23 Jan 2023 04:02:34 GMT
content-type: image/jpeg
last-modified: Thu, 03 Feb 2022 13:16:11 GMT
accept-ranges: bytes
content-length: 45500
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytox.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 213736
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
142.250.74.163200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Hash 312bcfa92b0b0a09c3f404b2c662a0b6
5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytox.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 18:22:44 GMT
expires: Thu, 21 Sep 2023 18:22:44 GMT
cache-control: public, max-age=31536000
age: 293990
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://citytox.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:21 GMT
expires: Thu, 21 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 289694
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/images/CTA-Home.png
87.116.13.124200 OK 451 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/images/CTA-Home.png
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type PNG image data, 1920 x 553, 8-bit colormap, non-interlaced\012- data
Size 451 kB (451146 bytes)
Hash 9360d0f7e72c660cbcc68f228fbb1c06
1b6c1c913d2fd26bfb140a8de7bce6aa219675c6
db6b0096dbe0f6555a3de3963c404eda8e57c71261bd4d61af1ec596b052bc0b
GET /wp-content/themes/number-two/images/CTA-Home.png HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/themes/number-two/css/style.css?ver=ee5189a70f47b058fb0bff0bfe9096d8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Mon, 23 Jan 2023 04:02:34 GMT
content-type: image/png
last-modified: Mon, 29 Mar 2021 13:34:00 GMT
accept-ranges: bytes
content-length: 451146
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4970
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:35 GMT
Last-Modified: Sun, 25 Sep 2022 02:39:46 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
citytox.com/wp-content/themes/number-two/fonts/font-awesome/fa-solid-900.woff2
87.116.13.124200 OK 62 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/fonts/font-awesome/fa-solid-900.woff2
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type Web Open Font Format (Version 2), TrueType, length 62472, version 1.0\012- data
Hash b75b4bfe0d58faeced5006c785eaae23
92da6e3c7121e21cdfde25ef08797a3937a683e1
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
GET /wp-content/themes/number-two/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://citytox.com/wp-content/themes/number-two/css/font-awesome.min.css?ver=5.4.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: Mon, 23 Jan 2023 04:02:34 GMT
content-type: font/woff2
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-length: 62472
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
citytox.com/wp-content/themes/number-two/fonts/font-awesome/fa-brands-400.woff2
87.116.13.124200 OK 64 kB URL HTTP/2 citytox.com/wp-content/themes/number-two/fonts/font-awesome/fa-brands-400.woff2
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type Web Open Font Format (Version 2), TrueType, length 64144, version 1.0\012- data
Hash 6814d0e8136d34e313623eb7129d538e
d902f8db3e021155f177f698a252fb98d6e61768
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
GET /wp-content/themes/number-two/fonts/font-awesome/fa-brands-400.woff2 HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://citytox.com/wp-content/themes/number-two/css/font-awesome.min.css?ver=5.4.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: Mon, 23 Jan 2023 04:02:34 GMT
content-type: font/woff2
last-modified: Thu, 25 Mar 2021 13:30:56 GMT
accept-ranges: bytes
content-length: 64144
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/539adbd6dec7e10e686debee/index.html?templateId=539adbd6dec7e10e686debee&businessunitId=5786124c0000ff0005924663
143.204.55.101200 OK 3.8 kB URL HTTP/2 widget.trustpilot.com/trustboxes/539adbd6dec7e10e686debee/index.html?templateId=539adbd6dec7e10e686debee&businessunitId=5786124c0000ff0005924663
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (16335)
Hash 85b348fabe689b8221b4587943ffab87
2bf99fbb292b426ce38ef22ca17772504cf2b269
7f799c2bfead09b6a87a352c642d0fd835d568775c12cfe53260edb98fedcc75
GET /trustboxes/539adbd6dec7e10e686debee/index.html?templateId=539adbd6dec7e10e686debee&businessunitId=5786124c0000ff0005924663 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 3826
date: Sat, 24 Sep 2022 11:36:15 GMT
last-modified: Tue, 20 Sep 2022 08:06:05 GMT
etag: "85b348fabe689b8221b4587943ffab87"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: evc3MsmUvQLzBNV6QU9-1_zRpRcZAOKuAWrPDtDW6axBN9-3eNqVRQ==
age: 59181
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/539adbd6dec7e10e686debee/main.js
143.204.55.101200 OK 26 kB URL HTTP/2 widget.trustpilot.com/trustboxes/539adbd6dec7e10e686debee/main.js
IP 143.204.55.101:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (64281), with no line terminators
Hash f7a69ce94a02d73c8d46773c179566fc
6ced91f58fa31f0f96debf9d91f10a071577e8a4
4dda95f34e11d881fd5afc3cf1e2c5a55e62b8de0ba936692aa4f036b4bceaf8
GET /trustboxes/539adbd6dec7e10e686debee/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/539adbd6dec7e10e686debee/index.html?templateId=539adbd6dec7e10e686debee&businessunitId=5786124c0000ff0005924663
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 26541
last-modified: Tue, 20 Sep 2022 08:06:07 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 24 Sep 2022 08:06:53 GMT
cache-control: max-age=86400
etag: "f7a69ce94a02d73c8d46773c179566fc"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BwA1d8JowpiEf-kL24wPxyWhGx6zamQNvwnRtKaeSHomtU6IUnygVQ==
age: 71743
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 55cf6d5626526d503b3a81ee5e7ad610
55957a50270dc67cf97b8d9fd6014691cacef693
f10f190e6e1e522fe7ec170846af542f676b0fe8c5620483f3f568200bd66954
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 04:02:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 14:52:20 GMT
Expires: Fri, 30 Sep 2022 14:52:19 GMT
Etag: "55957a50270dc67cf97b8d9fd6014691cacef693"
Cache-Control: max-age=470383,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7500dd799dc8fab8-OSL
www.google.com/maps/embed/v1/place?q=Citytox+ApS¢er=55.714657%2C12.439393&zoom=14&maptype=roadmap&key=AIzaSyCVyVT8lyTv1Ugk1YeVKVOWYLymFLJIfNc
142.250.74.164200 OK 1.3 kB URL HTTP/2 www.google.com/maps/embed/v1/place?q=Citytox+ApS¢er=55.714657%2C12.439393&zoom=14&maptype=roadmap&key=AIzaSyCVyVT8lyTv1Ugk1YeVKVOWYLymFLJIfNc
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2710)
Hash bfba9269c23a99f268a75b771b0b9fa0
677cce336840506f463451d330c6a44bf6c8e4f0
fbb1298db167a288e7d3c41115bb1ceffa11dbe21fd19cb330f0ab8a0816d6e3
GET /maps/embed/v1/place?q=Citytox+ApS¢er=55.714657%2C12.439393&zoom=14&maptype=roadmap&key=AIzaSyCVyVT8lyTv1Ugk1YeVKVOWYLymFLJIfNc HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Language, Origin, X-Origin, Referer
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-sTRU4g_HpoNFqhprMS3Wug' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sun, 25 Sep 2022 04:02:35 GMT
server: scaffolding on HTTPServer2
content-length: 1347
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.crowdio.com/visitor/loadjs/2391
63.32.60.80200 OK 903 B URL HTTP/1.1 app.crowdio.com/visitor/loadjs/2391
IP 63.32.60.80:0
Hash 596ae273c52e665dcbe9d2cf00722196
97530a4585b46c23fd6f51e03f06224cdd44ca1b
2510d1c174f547c2b4a76dfdb43d1f67abdc301005c4dbccbd8c9546c218771f
GET /visitor/loadjs/2391 HTTP/1.1
Host: app.crowdio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Powered-By: Weply
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
content-type: text/javascript
p3p: CP="Crowdio"
Cache-Control: public, max-age=1200
ETag: 2022250904
Date: Sun, 25 Sep 2022 04:01:20 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
citytox.com/favicon.ico
87.116.13.124404 Not Found 5.1 kB IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash e5d46ee18ab929cd36afa7217ee83d62
1874d1909c4c507c933a01d2700a72ee2478679f
e3f8f9df9b0267bc3293c9195d27b250e35ef250f70d16077a537720f27c2f51
GET /favicon.ico HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/wp-content/plugins/yuidghh/secure/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
date: Sun, 25 Sep 2022 04:02:35 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 25 Sep 2022 02:41:09 GMT
expires: Sun, 25 Sep 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 4886
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxView?locale=da-DK&styleHeight=200px&styleWidth=100%25&theme=light&stars=1%2C2%2C3%2C4%2C5&url=https%3A%2F%2Fcitytox.com%2Fwp-content%2Fplugins%2Fyuidghh%2Fsecure%2Flogin.php&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5786124c0000ff0005924663&widgetId=539adbd6dec7e10e686debee
143.204.55.101204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=da-DK&styleHeight=200px&styleWidth=100%25&theme=light&stars=1%2C2%2C3%2C4%2C5&url=https%3A%2F%2Fcitytox.com%2Fwp-content%2Fplugins%2Fyuidghh%2Fsecure%2Flogin.php&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5786124c0000ff0005924663&widgetId=539adbd6dec7e10e686debee
IP 143.204.55.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=da-DK&styleHeight=200px&styleWidth=100%25&theme=light&stars=1%2C2%2C3%2C4%2C5&url=https%3A%2F%2Fcitytox.com%2Fwp-content%2Fplugins%2Fyuidghh%2Fsecure%2Flogin.php&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5786124c0000ff0005924663&widgetId=539adbd6dec7e10e686debee HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/539adbd6dec7e10e686debee/index.html?templateId=539adbd6dec7e10e686debee&businessunitId=5786124c0000ff0005924663
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Sun, 25 Sep 2022 04:02:35 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jGbxOqla-BOzHjB2lS_OhgSXQpW_PfxE55JHy7h-MXWW8G7I0o-xFw==
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.217.237.91101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.217.237.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: U7xutFFdSIn8cj86z0M8kg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nu83WIueP0mEMidkTVvXnbtdJvE=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.trustpilot.com/stats/TrustboxImpression?locale=da-DK&styleHeight=200px&styleWidth=100%25&theme=light&stars=1%2C2%2C3%2C4%2C5&url=https%3A%2F%2Fcitytox.com%2Fwp-content%2Fplugins%2Fyuidghh%2Fsecure%2Flogin.php&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5786124c0000ff0005924663&widgetId=539adbd6dec7e10e686debee
143.204.55.101204 No Content 0 B URL HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=da-DK&styleHeight=200px&styleWidth=100%25&theme=light&stars=1%2C2%2C3%2C4%2C5&url=https%3A%2F%2Fcitytox.com%2Fwp-content%2Fplugins%2Fyuidghh%2Fsecure%2Flogin.php&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5786124c0000ff0005924663&widgetId=539adbd6dec7e10e686debee
IP 143.204.55.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=da-DK&styleHeight=200px&styleWidth=100%25&theme=light&stars=1%2C2%2C3%2C4%2C5&url=https%3A%2F%2Fcitytox.com%2Fwp-content%2Fplugins%2Fyuidghh%2Fsecure%2Flogin.php&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5786124c0000ff0005924663&widgetId=539adbd6dec7e10e686debee HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/539adbd6dec7e10e686debee/index.html?templateId=539adbd6dec7e10e686debee&businessunitId=5786124c0000ff0005924663
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Sun, 25 Sep 2022 04:02:35 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IW24LdZ3vbPksCM4eriYaV7RWmbpoNgWACBdZRZ37FWiwAsYGcyP7Q==
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HN3F4DEWL1&cid=1195758786.1664078554>m=2oe9l0&aip=1&z=1766809183
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HN3F4DEWL1&cid=1195758786.1664078554>m=2oe9l0&aip=1&z=1766809183
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HN3F4DEWL1&cid=1195758786.1664078554>m=2oe9l0&aip=1&z=1766809183 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 04:02:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-197507595-2&cid=1195758786.1664078554&jid=91496826&gjid=1580822203&_gid=1394055644.1664078554&_u=YADAAEAAAAAAAC~&z=458180468
64.233.162.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-197507595-2&cid=1195758786.1664078554&jid=91496826&gjid=1580822203&_gid=1394055644.1664078554&_u=YADAAEAAAAAAAC~&z=458180468
IP 64.233.162.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-197507595-2&cid=1195758786.1664078554&jid=91496826&gjid=1580822203&_gid=1394055644.1664078554&_u=YADAAEAAAAAAAC~&z=458180468 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://citytox.com
Connection: keep-alive
Referer: https://citytox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://citytox.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 25 Sep 2022 04:02:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 04:02:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
khms0.googleapis.com/kh?v=930&hl=en-US&x=1094&y=640&z=11
142.250.74.170200 OK 16 kB URL HTTP/2 khms0.googleapis.com/kh?v=930&hl=en-US&x=1094&y=640&z=11
IP 142.250.74.170:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 7c0ab831bc89aed567cb31cca3c0b328
411842b641ec537f88d5262e59fe29b2139610a4
082ef83ad2c42cf1a19b6350ce493f32a6dba6e1b2949be2f5291d80b446c410
GET /kh?v=930&hl=en-US&x=1094&y=640&z=11 HTTP/1.1
Host: khms0.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
date: Sun, 25 Sep 2022 04:02:35 GMT
cache-control: public, max-age=31536000
expires: Mon, 25 Sep 2023 04:02:35 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
content-type: image/jpeg
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 15831
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5d1e50603e533b0fb0bd2b96003dc45b
db57ec4d7c666e4be91ed289e948826599ea995a
f6ff1490ddee720638df2419024701e231aa8f02d45939fafc38c910c3db1de8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 04:02:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 13:11:30 GMT
Expires: Fri, 30 Sep 2022 13:11:29 GMT
Etag: "db57ec4d7c666e4be91ed289e948826599ea995a"
Cache-Control: max-age=464333,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7500dd7ceeeffab8-OSL
app.weply.chat/compiled/windowapi/windowapi.min.js?t=20222584
63.32.60.80200 OK 4.0 kB URL HTTP/1.1 app.weply.chat/compiled/windowapi/windowapi.min.js?t=20222584
IP 63.32.60.80:0
File type ASCII text, with very long lines (15457), with no line terminators
Hash 8fa6d21680c6f75c54660009d894276d
d36314e952126fe13b82c5e1fcd26ef9aa16ff1a
4f6f8e7190853f9fccebba1289ac63ddc6b5c4644009e1b86af61b85f6ae7ea0
GET /compiled/windowapi/windowapi.min.js?t=20222584 HTTP/1.1
Host: app.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Powered-By: Weply
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
Last-Modified: Tue, 14 Jun 2022 05:29:50 GMT
ETag: W/"3c61-18160b08598"
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:01:20 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
region1.analytics.google.com/g/collect?v=2&tid=G-HN3F4DEWL1>m=2oe9l0&_p=1366321808&_gaz=1&cid=1195758786.1664078554&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664078553&sct=1&seg=0&dl=https%3A%2F%2Fcitytox.com%2Fwp-content%2Fplugins%2Fyuidghh%2Fsecure%2Flogin.php&dt=Page%20not%20found%20-%20Citytox%20ApS&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-HN3F4DEWL1>m=2oe9l0&_p=1366321808&_gaz=1&cid=1195758786.1664078554&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664078553&sct=1&seg=0&dl=https%3A%2F%2Fcitytox.com%2Fwp-content%2Fplugins%2Fyuidghh%2Fsecure%2Flogin.php&dt=Page%20not%20found%20-%20Citytox%20ApS&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HN3F4DEWL1>m=2oe9l0&_p=1366321808&_gaz=1&cid=1195758786.1664078554&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664078553&sct=1&seg=0&dl=https%3A%2F%2Fcitytox.com%2Fwp-content%2Fplugins%2Fyuidghh%2Fsecure%2Flogin.php&dt=Page%20not%20found%20-%20Citytox%20ApS&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://citytox.com
Connection: keep-alive
Referer: https://citytox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://citytox.com
date: Sun, 25 Sep 2022 04:02:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.weply.chat/?wid=2391&minimized=null
99.80.139.86200 OK 2.6 kB URL HTTP/1.1 cdn.weply.chat/?wid=2391&minimized=null
IP 99.80.139.86:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3627)
Hash ae4b4206be5a8392cc946f6fdf9fde14
034ff6966a4ca97ae8597f9d2c1eb0b764392e99
4d0e0827d8637f9a37c0c6c34258887674c915e363d07c60b00467ec5e34e9d3
GET /?wid=2391&minimized=null HTTP/1.1
Host: cdn.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 08 Sep 2022 05:43:13 GMT
ETag: W/"1b11-1831b9faff3"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
cdn.weply.chat/runtime-es2015.0ffd6416ff569a03a12b.js
99.80.139.86200 OK 1.6 kB URL HTTP/1.1 cdn.weply.chat/runtime-es2015.0ffd6416ff569a03a12b.js
IP 99.80.139.86:0
File type ASCII text, with very long lines (3250), with no line terminators
Hash 3f5ff6fbcc4e48820d33ab7c84f033fd
ee1e87051e0256f83c2979d50fd7e52acc654258
19b617e752d0d0c8c72bf70327e45beb5fa12eeac08eea5e4bdc3146a1534127
GET /runtime-es2015.0ffd6416ff569a03a12b.js HTTP/1.1
Host: cdn.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.weply.chat/?wid=2391&minimized=null
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 08 Sep 2022 05:43:13 GMT
ETag: W/"cb2-1831b9faff3"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
cdn.weply.chat/polyfills-es2015.7de3fd127cacefea33dc.js
99.80.139.86200 OK 14 kB URL HTTP/1.1 cdn.weply.chat/polyfills-es2015.7de3fd127cacefea33dc.js
IP 99.80.139.86:0
File type ASCII text, with very long lines (41677), with no line terminators
Hash e4561c36b285ec6934e46fec95ebfc8e
5dcf8caacab0d30894e47717730457c0bca8e457
a98536e4844cbaa50312f2f1a58f64d70b965ef0e4103951041eb7bdbc942886
GET /polyfills-es2015.7de3fd127cacefea33dc.js HTTP/1.1
Host: cdn.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.weply.chat/?wid=2391&minimized=null
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 08 Sep 2022 05:43:13 GMT
ETag: W/"a2cd-1831b9faff3"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type gzip compressed data, max compression\012- data
Hash 3d41aac6d02feb1fde7283494b19108a
fe3ffb2ab31753daea33fb55bf4b4ace0a6061e7
53c33db0ad6ee509db0ac63ac17d1a529fa2e24686e9212cab7566ade6c98505
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 05:25:35 GMT
expires: Fri, 22 Sep 2023 05:25:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 254221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 14:52:00 GMT
expires: Thu, 21 Sep 2023 14:52:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 306636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.weply.chat/styles.7f49a9e855ac54f11451.css
99.80.139.86200 OK 37 kB URL HTTP/1.1 cdn.weply.chat/styles.7f49a9e855ac54f11451.css
IP 99.80.139.86:0
File type Unicode text, UTF-8 text, with very long lines (65305)
Hash a9e4b647d03d06acea832600ffc7ab30
72d76ea859f0be440195dcdf02cccc7eb187f70e
985e1e00ed8883476ef7b99721c522cdd86025a4490dfea1bd1cf296647a9c9b
GET /styles.7f49a9e855ac54f11451.css HTTP/1.1
Host: cdn.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.weply.chat/?wid=2391&minimized=null
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 08 Sep 2022 05:43:13 GMT
ETag: W/"366be-1831b9faff3"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
cdn.weply.chat/main-es2015.56a0b4d75882d2c77711.js
99.80.139.86200 OK 21 kB URL HTTP/1.1 cdn.weply.chat/main-es2015.56a0b4d75882d2c77711.js
IP 99.80.139.86:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0726a8952d2c75d7ef00d6874e2cd010
52f9fe7b9bca8c3305c60ee34e1b5e254d3c24a8
e6bb4b9af8a0faebbeca11d43a4d79b6dce2f15d90eeb99d99ccea47d6327f6b
GET /main-es2015.56a0b4d75882d2c77711.js HTTP/1.1
Host: cdn.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.weply.chat/?wid=2391&minimized=null
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 08 Sep 2022 05:43:13 GMT
ETag: W/"15d12-1831b9faff3"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
cdn.weply.chat/vendor-es2015.8663283243e7b7ab7459.js
99.80.139.86200 OK 152 kB URL HTTP/1.1 cdn.weply.chat/vendor-es2015.8663283243e7b7ab7459.js
IP 99.80.139.86:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 152 kB (152316 bytes)
Hash 9a7683ec48af27d89c1bc4047e88ce14
4749a6684242451a5a20bfd094368f05961bd448
8e6fce61197d4ec831c7484eea6f7d74a0bb1b2de855178aa03d1d00a7117aa1
GET /vendor-es2015.8663283243e7b7ab7459.js HTTP/1.1
Host: cdn.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.weply.chat/?wid=2391&minimized=null
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 08 Sep 2022 05:43:13 GMT
ETag: W/"7e150-1831b9faff3"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8604
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8604
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 23117
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
age: 23130
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30df3bb6-8eae-49ae-ba75-f6dd462463ac.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30df3bb6-8eae-49ae-ba75-f6dd462463ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8abddb2cad9c262667f358ecb9b084ae
2d97861b35e3d0ffe6a614037e4ff7946018b4ef
9b4878cf451b7bc5c7467d1e35e2fa12f54e516c878dd54d0293a4ef4947ba5b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30df3bb6-8eae-49ae-ba75-f6dd462463ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4237
x-amzn-requestid: 9e56dfd3-fa01-4f17-88fd-524f6385b515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQHZDoAMFayQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-41be4896776c43940ec21f10;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8nuwiFa5MQt6e3rfHwJlWcVejM-299WEDNFiscddW4iOVQjazIabtQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:27 GMT
age: 22989
etag: "2d97861b35e3d0ffe6a614037e4ff7946018b4ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3056f6d6-1a08-46ac-94a1-eb08e1b784e1.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3056f6d6-1a08-46ac-94a1-eb08e1b784e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bbdad67489e993cebd23ffb04ebd02c
3a69c08b4d25d1dae1abbabd103d6d295a2f5425
ee3839246f3bada3e3190c240c8ac64d8012a87c062c5e006ed80a7edcd773a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3056f6d6-1a08-46ac-94a1-eb08e1b784e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7404
x-amzn-requestid: f2e4d818-96bf-4a02-926f-38e0a9751e3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y16cBFIZoAMF38Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bd77f-7d9984d6318680a57ff250e2;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 03:33:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LNjXS9IjzjA5IGYC2rBcb3-AGmoV6gEuzzGasX71NYsQGHPuL6G66g==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 02:52:48 GMT
age: 4188
etag: "3a69c08b4d25d1dae1abbabd103d6d295a2f5425"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff2e4f2-f486-42c3-8a19-b33169da91f3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff2e4f2-f486-42c3-8a19-b33169da91f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14f002009f65f578b930d04203ba700a
7191af2da71fc0c7e3ca17b9f0b0132fc3cdc5b5
fafe43cbdfc56b72318d77bd5d30886bc4370a3f087df3bbbcb61b18ea0bbf81
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff2e4f2-f486-42c3-8a19-b33169da91f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10627
x-amzn-requestid: f765ace2-73b4-493e-bf09-de605d64f283
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_Z3EfXoAMFRFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f790b-564393940c6453de719f30a0;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:39:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zYwkYYb6vxPU2kAKvbKNpWkil9OsWKTDOgSlI79kR4Ysvo5BE6PTlw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:42:53 GMT
age: 19183
etag: "7191af2da71fc0c7e3ca17b9f0b0132fc3cdc5b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00c09f267aacde9465a329542463b9e5
1534aa8a5158dfa9592d65e6fb761b41c0852c58
276ff24598159f62fd7333992575834f901eea7c75a228b9c12d1c049f1df558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: b0fc9bea-7735-43c0-a176-eae4d5000a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2ZPtHajIAMF8zQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c08ca-391092bd30ae5bf9692e93ba;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:03:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gc7lA-XfgIAhotpUdrOaihuA2nbdMY2zNiJSHZpSN3yKPaT-k93auQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 07:07:29 GMT
age: 75307
etag: "1534aa8a5158dfa9592d65e6fb761b41c0852c58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.weply.chat/assets/i18n/en.json?cacheBuster=msfksk3m222l268ssx68ggez
99.80.139.86200 OK 742 B URL HTTP/1.1 cdn.weply.chat/assets/i18n/en.json?cacheBuster=msfksk3m222l268ssx68ggez
IP 99.80.139.86:0
File type JSON data\012- HTML document, ASCII text
Hash e11aa0a56d683291320d4db821af7eca
42b4a7cdd2612070dc858406d65b4d5795ab4739
6ca6f458ce5238c5c3d7397451e5d9b8527df1620f728fb477e6c5afcfc8bd3e
GET /assets/i18n/en.json?cacheBuster=msfksk3m222l268ssx68ggez HTTP/1.1
Host: cdn.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.weply.chat/?wid=2391&minimized=null
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 08 Sep 2022 05:43:13 GMT
ETag: W/"70c-1831b9fafef"
Content-Type: application/json; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
app.weply.chat/visitor/widget/2391?templateId=null
63.32.60.80200 OK 1.5 kB URL HTTP/1.1 app.weply.chat/visitor/widget/2391?templateId=null
IP 63.32.60.80:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4194), with no line terminators
Hash 09ac5ef176aadcdb2791c22ac1ceff48
7721b4ca2e7d3b38bcdb5695e2319327c9997a09
c284c3dcd195ce7a306d9d3eefe5b803a60e4d1793b6c344b49f5bd4fa51967b
GET /visitor/widget/2391?templateId=null HTTP/1.1
Host: app.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.weply.chat
Connection: keep-alive
Referer: https://cdn.weply.chat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
X-Powered-By: Weply
Access-Control-Allow-Origin: *
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Content-Type: application/json; charset=utf-8
ETag: W/"106e-U8B1G0xc6F1zvxJAKGu9KwPdL/8"
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:01:21 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
cdn.weply.chat/assets/i18n/dk.json?cacheBuster=msfksk3m222l268ssx68ggez
99.80.139.86200 OK 769 B URL HTTP/1.1 cdn.weply.chat/assets/i18n/dk.json?cacheBuster=msfksk3m222l268ssx68ggez
IP 99.80.139.86:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text
Hash 1c69cc2192fdf7cc4bedb12254340f35
5461aca25a5f4491d407ca583bd7910738504b8c
eb70e6438139dbce12989be74cf6674392b096381c81fd64a2a22db9595e9ef0
GET /assets/i18n/dk.json?cacheBuster=msfksk3m222l268ssx68ggez HTTP/1.1
Host: cdn.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.weply.chat/?wid=2391&minimized=null
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 08 Sep 2022 05:43:13 GMT
ETag: W/"6e8-1831b9fafef"
Content-Type: application/json; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
cdn.weply.chat/433-es2015.8e208e05d42a4b4bac24.js
99.80.139.86200 OK 2.4 kB URL HTTP/1.1 cdn.weply.chat/433-es2015.8e208e05d42a4b4bac24.js
IP 99.80.139.86:0
File type ASCII text, with very long lines (17038), with no line terminators
Hash 21edec104894c85504af02260c3c5be7
62828905b8af2d69b1bbbf0e9a64171ffad49d5b
cbd196993c0b45f482bf53ec441e20246cdf856d5243517290089a1cdbff6a54
GET /433-es2015.8e208e05d42a4b4bac24.js HTTP/1.1
Host: cdn.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.weply.chat/?wid=2391&minimized=null
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 08 Sep 2022 05:43:13 GMT
ETag: W/"428e-1831b9fafef"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
cdn.weply.chat/common-es2015.afa4827591901f51e99f.js
99.80.139.86200 OK 890 B URL HTTP/1.1 cdn.weply.chat/common-es2015.afa4827591901f51e99f.js
IP 99.80.139.86:0
File type ASCII text, with very long lines (2007), with no line terminators
Hash 9138b90f6254002276550dfd9117c2f3
71a3763d68d4d8d228c773bc8a8bdbd015f38030
44556f31e8f2acf04aa99488191bcfc64823d95b46895a4c0f3477785a451b56
GET /common-es2015.afa4827591901f51e99f.js HTTP/1.1
Host: cdn.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.weply.chat/?wid=2391&minimized=null
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 08 Sep 2022 05:43:13 GMT
ETag: W/"7d7-1831b9fafef"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
cdn.weply.chat/658-es2015.5488dda291108d100116.js
99.80.139.86200 OK 7.4 kB URL HTTP/1.1 cdn.weply.chat/658-es2015.5488dda291108d100116.js
IP 99.80.139.86:0
File type ASCII text, with very long lines (38251), with no line terminators
Hash cfcddc52dd6ec0a9c643ccbb8fe5b097
ad84f20973475bd5bcedfee0605e9a5e8cc4f037
8452f023d53ca6aecec4abb5fe8af7a55bec191b3927ff6dd4bd7c9ff44565a1
GET /658-es2015.5488dda291108d100116.js HTTP/1.1
Host: cdn.weply.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.weply.chat/?wid=2391&minimized=null
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 08 Sep 2022 05:43:13 GMT
ETag: W/"956b-1831b9fafef"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 04:02:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 39174a8ffbc8f8f49c2d5ee05ece15d7
a8786b8b08e0acbf250f8d89e5aec011f4518953
c0bcea72521f4528211d66ee1f0e4c46feb14d6669f82c8d28ed4b5683d887ef
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 04:02:36 GMT
Last-Modified: Sun, 25 Sep 2022 03:10:07 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y96J5bTAmdaSr74l7C-viG34SamwAimANQfugpIjo2z2G99kOVdYdQ==
Age: 3149
s3-eu-west-1.amazonaws.com/files.crowdio.com/widget/trigger-icons/chat-icon-1.png
52.218.62.139200 OK 1.1 kB URL HTTP/1.1 s3-eu-west-1.amazonaws.com/files.crowdio.com/widget/trigger-icons/chat-icon-1.png
IP 52.218.62.139:0
File type PNG image data, 60 x 59, 8-bit/color RGBA, non-interlaced\012- data
Hash 2dbdd79b461d22829b6df43dfa7dc383
b6f77c32c2a26edd0ec52ca5ee06facf96825fa2
41ce84bee181b8303d7b150cc327d14850df9c45c5316be7e8c59f2032bf19f0
GET /files.crowdio.com/widget/trigger-icons/chat-icon-1.png HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.weply.chat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: RbEMLvpJny5reU5BGzLtIx6HZ7AEMdmDkC6A0eS6MM1kEAHnaEj7fcJ7fw18hDo4eEgvIfHGXr0=
x-amz-request-id: D29PQ44Z46QGZE3K
Date: Sun, 25 Sep 2022 04:02:38 GMT
Last-Modified: Wed, 23 Oct 2019 13:26:05 GMT
ETag: "2dbdd79b461d22829b6df43dfa7dc383"
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1148
citytox.com/wp-content/plugins/yuidghh/secure/login.php
87.116.13.124404 Not Found 0 B URL HTTP/2 citytox.com/wp-content/plugins/yuidghh/secure/login.php
IP 87.116.13.124:0
ASN #31027 GlobalConnect NN A/S
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yuidghh/secure/login.php HTTP/1.1
Host: citytox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://citytox.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,Accept-Encoding
content-encoding: gzip
date: Sun, 25 Sep 2022 04:02:34 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Cabin%3A200%2C300%2C400%2C500%2C600%2C700%2C800%7CMontserrat%3A200%2C300%2C400%2C500%2C600%2C700%2C800%7CMerriweather%3A200%2C300%2C400%2C500%2C600%7CRoboto%3A200%2C300%2C400%2C500%2C600&ver=5.4.1
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Cabin%3A200%2C300%2C400%2C500%2C600%2C700%2C800%7CMontserrat%3A200%2C300%2C400%2C500%2C600%2C700%2C800%7CMerriweather%3A200%2C300%2C400%2C500%2C600%7CRoboto%3A200%2C300%2C400%2C500%2C600&ver=5.4.1
IP 142.250.74.10:0
GET /css?family=Cabin%3A200%2C300%2C400%2C500%2C600%2C700%2C800%7CMontserrat%3A200%2C300%2C400%2C500%2C600%2C700%2C800%7CMerriweather%3A200%2C300%2C400%2C500%2C600%7CRoboto%3A200%2C300%2C400%2C500%2C600&ver=5.4.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://citytox.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 04:02:34 GMT
date: Sun, 25 Sep 2022 04:02:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2